A recently identified Android malware described as an information stealer and spyware has broad monitoring capabilities that allow it to harvest and exfiltrate sensitive information from numerous applications, threat landscape management company Cyfirma reports.Dubbed FireScam, the malware is distributed disguised as the ‘Telegram Premium’ application, through a phishing website that mimics the legitimate RuStore application store.The phishing website, hosted on the github[.]io domain, serves a dropper named ‘ru.store.installer’, which installs FireScam on devices running Android 8 and newer.

‍