Security alert: counterfeit Telegram build linked to GetApps on Xiaomi devices
An unofficial modification of the Telegram messenger has appeared in the GetApps store, embedded in certain Xiaomi devices. This version never existed as an official release and is being treated as a dangerous counterfeit. The warning comes from TG Information, a source tracking messaging app integrity and user safety.
Reports indicate that Telegram version 9.6.9 within this counterfeit package includes icons and prompts that encourage users to participate in cash prize drawings. In addition, users have reported being unexpectedly signed out, with a subsequent login required to regain access. The experience mirrors typical tactics used to steer users toward promotional schemes while creating friction that pushes for repeated authentication.
The unusual build shows no alignment with any legitimate Telegram release and carries no association with the company’s official giveaways. The prevailing theory is that this modified version is designed to harvest personal data and credentials. It may request permissions that enable data collection, session management, and credential harvesting, all under the guise of a normal app feature.
The precise date of appearance on GetApps remains unclear. Since its emergence, the counterfeit has climbed the ranks within the communications category, attracting a large number of downloads and prompting concern among users who rely on verified app sources. The rapid spread underscores how quickly misleading software can gain visibility in popular app distribution ecosystems, especially when devices come preloaded with third-party stores or allow sideloading of non-official apps.
Advice from TG Information emphasizes caution: anyone who installed or used Telegram from GetApps should delete that version immediately. Then, download the official app from Telegram’s authentic site or downstream official app stores, and sign out of all sessions in Telegram settings. Completing this step terminates active sessions and prevents further unauthorized access from lingering devices. Users should also enable two-factor authentication where available and review connected devices to ensure only trusted sessions remain active.
Across regions, incidents involving hacks and fake apps highlight the broader risk posed by third-party stores and unauthorized modifications. The incident serves as a reminder to rely on trusted sources and verified marketplaces to protect personal data and device security. Consumers are encouraged to verify app legitimacy before installation, check app developer information, and monitor unusual prompts or requests for sensitive permissions. Remaining vigilant helps reduce exposure to credential phishing, data harvesting, and account compromise that can arise from counterfeit software.
Protective habits, such as keeping devices updated, using reputable security software, and maintaining a habit of brief yet thorough permission reviews, can further shield users from these threats. A cautious approach to app installation, especially on devices configured with alternate markets, is essential for maintaining digital safety in today’s ecosystem.
In short, the presence of a counterfeit Telegram build in a well-known app store highlights the ongoing need for careful app sourcing and robust security practices. By sticking to official channels, enabling strong authentication, and regularly auditing active sessions, users can minimize risk and preserve the integrity of their messaging tools.