Infected Telegram App Victims Know Purple Fox Is A Sly, Sneaky Malware

Published: January 27, 2022 in our newsletter, Security Fraud News & Alerts Newsletter.



Since its discovery in 2018, the Purple Fox trojan has been busy sharpening its malware claws. And now, this latest iteration of Purple Fox is proving difficult to stop…just ask those who’ve downloaded the Telegram app and ended up with an infected device. Malwarebytes notes they’ve previously seen Purple Fox combined with installers from WhatsApp and Windows as well.


With over 500 million active users, Telegram is a smart choice for the Purple Fox rootkit to be bundled with. The rootkit allows this sly Fox to hide malware on a device, making it difficult to detect. It also allows the malware to divide itself into smaller files that sneak past anti-virus protection.


With an enormous distribution channel like Telegram and its ability to avoid detection, it’s no wonder this malware has a dangerous reputation. Researchers at Minerva Labs say Purple Fox is likely distributed through email phishing campaigns and phishing websites. Also, know that sideloading apps from dicey sites is a sure way to download malware, so always go to the official Google and Apple stores for your apps.



Purple Fox is a Worm, Too


Aside from having a rootkit to help it avoid anti-virus detection, this malware has another asset: worm capabilities. Wormable malware automatically spreads from one vulnerable device to another, giving Purple Fox the ability to invade systems and continue infecting others.


The damage a Purple Fox infection can do once it has taken hold of one device or spread to an entire enterprise system is substantial. Once downloaded, Purple Fox can search for and steal data files, delete data, download and run additional malicious code...and of course, worm its way into Windows systems.


Experts note the evolution of Purple Fox since it was first discovered in 2018. It started as a basic trojan that used email phishing and exploit kits to spread, and in 2020 it added brute-force attacks involving file sharing on Windows devices. Today, with its latest threat additions, users need to take proactive, common-sense steps to avoid Purple Fox’s razor-sharp malware.


Email Phishing Cyber-Smarts

  • Statistics show email phishing is used 92% of the time to distribute malware. As such, the tips below should become a regular part of everyday cyber-smarts.

  • Use a good dose of common sense and think before you click. Phishing emails often have malware attachments and malicious links in the message, and acting on them can be the first step to installing malware.

  • Look out for any sense of urgency in an email. Hackers like to push us into acting quickly before there’s time to verify the email is legitimate.

  • Be aware of bad spelling, bad grammar, and bad graphics. A legitimate email shouldn’t have any typos, bad grammar or fuzzy logos and other poor graphics.

  • Always verify an email request with the sender, but don’t use contact information in the email, as it could be a hacker setup. Instead, type in the true URL of the website the email claims to be from and check there if it’s real.

  • Keep all system software updated, especially anti-virus software. Updates have patches for security flaws that can leave a system open to attack.

