messaging applications Archives

AppWizard

April 24, 2025

Manychat taps $140M to boost its business messaging platform with AI

Manychat has secured million in a Series B funding round led by Summit Partners to expand its operations. The company has approximately 1.5 million customers in 170 countries, including brands like Nike and the New York Times. Manychat facilitates the transmission of billions of messages annually across platforms such as TikTok, Instagram, WhatsApp, and Messenger. Since its inception in 2015, Manychat had raised around million prior to this round, mainly from a million Series A round in 2019. The company operates at a near break-even point and has experienced significant growth, particularly after Facebook opened its Messenger APIs. Manychat's focus on user engagement distinguishes it from many generative AI chatbots. The new funds will be used for research and development to enhance AI capabilities and improve global sales, marketing, and customer support.

AppWizard

April 11, 2025

Signal, Telegram or WhatsApp: Which Encrypted Messaging App Should You Choose

Telegram, a cloud-based messaging platform, stores necessary operational data, including metadata such as IP addresses. In 2024, Telegram updated its privacy policy to comply with law enforcement requests for user data with valid legal documentation, leading to the fulfillment of 900 requests from U.S. authorities affecting 2,253 individuals. The platform has experienced data breaches, including a 2020 incident exposing data from approximately 42 million Iranian users and a 2019 vulnerability that allowed Chinese agencies to identify protestors in Hong Kong. Telegram features public channels without end-to-end encryption and offers secret chats with end-to-end encryption, limited to the device of origin. Automatic message deletion is available with a minimum interval of one day. While the client applications are open-source, the server-side code is closed-source, requiring user trust in the company to protect data. Metadata collection continues despite end-to-end encryption. Telegram operates on a freemium model, with basic features available for free and a paid tier for additional functionalities. The app is available for download on the Apple App Store and Google Play Store at no charge.

Winsage

April 11, 2025

Copilot Recall: Microsoft rolls out AI screenshot tool

Microsoft has rolled out its AI-driven tool, Copilot+ Recall, which captures snapshots of users' screens at regular intervals. Currently in preview mode, it is available to select users of Microsoft's AI-enabled PCs and laptops, following a temporary halt in 2024 for refinement. Access is being expanded to participants in the Windows Insider program, with global availability planned, though users in the EU will experience a delay until late 2025. Recall allows users to search through past activities, and they can opt-in to the feature, pausing snapshot saving at any time. Privacy advocates have raised concerns about potential misuse, as the tool can save images from emails and messaging apps, including private messages. Microsoft asserts that snapshots are not shared with the company or third parties and are stored locally on users' devices. Users can choose which applications can use Recall, and private browsing modes will not be subject to snapshotting. The UK's Information Commissioner's Office is engaging with Microsoft to ensure compliance with data protection laws.

AppWizard

April 9, 2025

Austrian government plans surveillance of WhatsApp, Telegram messaging apps

The Austrian government has introduced a draft law to increase oversight of messaging apps like WhatsApp and Telegram, aiming to aid law enforcement in monitoring potential terrorist and extremist activities. Interior Minister Gerhard Karner stated that police currently lack visibility into the actions of such individuals on these platforms, highlighting the need for specific measures that would only apply to a limited number of cases annually. Access to messaging services would be granted only in situations that suggest terrorist-related or constitution-threatening activities. The initiative received support from State Secretary Jorg Leichtfried of the Social Democratic Party, who assured that it would not lead to mass surveillance. However, there are concerns from the liberal NEOS party regarding the proposal, indicating the need for further discussions. An eight-week review period has been established for the draft law, during which the involved parties will engage with each other.

AppWizard

April 6, 2025

Pentagon inspector general investigating Hegseth’s use of Signal messaging app

DoD's acting Inspector General, Steven Stebbins, is reviewing Defense Secretary Pete Hegseth's use of the Signal app for operational airstrike discussions in Yemen to evaluate compliance with policies on commercial messaging for official communications and classification mandates. Concurrently, House Oversight Committee Democrats are investigating the Department of Government Efficiency's data usage, while OPM is directing agencies to revise performance review processes to prioritize adherence to presidential policies. The Defense Department has mandated public reporting of canceled contracts linked to Trump's efficiency initiatives. The SSA is tightening identity-proofing requirements for benefit applications, discontinuing phone verification options. During a nomination hearing, Trump’s nominees for OPM and OMB faced questions regarding federal workforce reductions. The Army has abandoned plans for a billion-dollar software development contract after feedback on draft RFPs. Employees at the IMLS have been placed on administrative leave amid concerns over the agency's future and grant disbursement obligations following Trump's executive order aimed at eliminating smaller entities.

AppWizard

March 28, 2025

Hackers target Taiwan with malware delivered via fake messaging apps

Recent research from cybersecurity firm Sophos has identified the use of PJobRAT malware targeting users in Taiwan through instant messaging applications SangaalLite and CChat, which mimic legitimate platforms. These malicious apps were available for download on various WordPress sites, now taken offline. PJobRAT, an Android remote access trojan first identified in 2019, has been used to steal SMS messages, contacts, device information, documents, and media files. The recent cyber-espionage initiative lasted nearly two years, affecting a limited number of users, indicating a targeted approach by the attackers. The latest version of PJobRAT lacks the ability to steal WhatsApp messages but allows attackers greater control over infected devices. The distribution method for these apps remains unclear, but previous campaigns involved third-party app stores and phishing pages. Upon installation, the apps request extensive permissions and provide basic chat functionalities. Sophos researchers note that threat actors often refine their strategies after campaigns, suggesting ongoing risks.

AppWizard

March 28, 2025

PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel

PJobRAT is an Android Remote Access Trojan that re-emerged in 2023, targeting users in Taiwan. Initially known for targeting Indian military personnel, it now disguises itself as benign apps like ‘SangaalLite’ and ‘CChat’, distributed via defunct WordPress sites operational from January 2023 to October 2024, with domain registrations dating back to April 2022. The malware is spread through counterfeit applications resembling legitimate messaging services, prompting users to grant extensive permissions. Enhanced capabilities allow it to execute shell commands, access data from any app, root devices, and communicate with command-and-control servers via Firebase Cloud Messaging and HTTP. The campaign appears to have concluded, highlighting the evolving tactics of threat actors. Users are advised against installing apps from untrusted sources and to use mobile threat detection software.

AppWizard

March 28, 2025

PJobRAT Android RAT as Dating & Instant Messaging Apps Attacking Military Personnel

PJobRAT is an Android Remote Access Trojan (RAT) that re-emerged in 2023 with improved capabilities and a refined targeting strategy, previously known for attacking Indian military personnel in 2021. It is now targeting users in Taiwan through social engineering tactics, disguising itself as legitimate dating and messaging apps. The malware is distributed via compromised WordPress sites hosting fake applications like “SaangalLite” and “CChat.” The infection footprint is small, indicating highly targeted attacks rather than widespread campaigns. PJobRAT retains its core functionality of exfiltrating sensitive information, including SMS messages, contacts, and media files, while enhancing command execution capabilities. Upon installation, the malicious apps request extensive permissions to operate continuously in the background. The malware uses a dual-channel communication infrastructure, with Firebase Cloud Messaging (FCM) as the primary command channel and a secondary HTTP-based channel for data exfiltration to a command-and-control server. The campaign appears to have concluded, but the evolution of PJobRAT highlights the ongoing threat of sophisticated mobile malware targeting high-value individuals.

AppWizard

March 28, 2025

PJobRAT makes a comeback, takes another crack at chat apps

In 2021, PJobRAT, an Android Remote Access Trojan (RAT), targeted Indian military personnel through deceptive apps. A new campaign was discovered in 2023, focusing on users in Taiwan, with malicious apps like ‘SangaalLite’ and CChat disguised as instant messaging applications. These apps were available for download from WordPress sites, which have since been taken down. The campaign began in January 2023, with domains registered as early as April 2022, and the latest sample detected in October 2024. The number of infections was low, indicating a targeted approach rather than a broad attack. The distribution methods remain unclear, but may involve SEO poisoning, malvertising, or phishing. Once installed, the apps request extensive permissions and feature basic chat functionality. Recent versions of PJobRAT have shifted from stealing WhatsApp messages to executing shell commands, allowing greater control over compromised devices. PJobRAT communicates with its command-and-control (C2) servers using Firebase Cloud Messaging (FCM) and HTTP, enabling the upload of various data types, including SMS, contacts, and files. The now inactive C2 server was located in Germany.

AppWizard

March 28, 2025

Signal, Telegram and WhatsApp are not built the same

Jeffrey Goldberg, editor-in-chief of The Atlantic, was inadvertently added to a Signal group chat with high-ranking White House officials, highlighting the complexities of secure messaging applications. Signal is known for its robust end-to-end encryption and open-source nature, which allows for independent security audits. WhatsApp, owned by Meta, also uses end-to-end encryption but raises privacy concerns due to its corporate ties. Telegram offers cloud-based messaging with optional end-to-end encryption for "Secret Chats," but its standard chats lack the same level of security as Signal or WhatsApp. The incident underscores the importance of understanding the security features and vulnerabilities of different messaging platforms.