A new Android malware strain has been uncovered, part of the Rampant Kitten threat group s surveillance campaign that targets Telegram credentials and more. The threat group has targeted Iranian entities with surveillance campaigns for at least six years. The group has relied on a wide array of tools for carrying out their attacks, including four Windows info-stealer variants used for pilfering Telegram and KeePass account information. Researchers were able to track multiple variants of this payload dating back to 2014.
Source: https://threatpost.com/android-2fa-telegram-gmail/159384/