Post #2487

This isn't a leak, but... BREAKING: Nekogram is secretly sending your phone numbers to the developer The backdoor is hidden in the http://Extra.java file, which differs from the template uploaded to the repository. The obfuscated code sends data as an inline request to the @nekonotificationbot, leaving no trace. More info about the backdoor: https://github.com/Nekogram/Nekogram/issues/336(locked by Nekogram devs) To validate this, we made a PoC: an LSPosed module that replaces the bot ID and username to ours so all requests are going to it. That way, we confirmed that the phone numbers are being collected. Every. Login. The PoC is available here: https://github.com/RomashkaTea/nekogram-proof-of-logging