Warning for Android Phone Owners: Bank Accounts Can Be Drained in an Instant

Jakarta, CNBC Indonesia - A financial scam has been discovered that exploits Telegram’s Mini App feature. This method is used to distribute malware on Android phones. Telegram Mini Apps are lightweight web applications that run within Telegram’s built-in browser. This feature allows users to access payment services, accounts, and interactive tools without closing the main application. The scam modus operandi was identified by CTM360. The FEMITBOT platform was found in API responses and uses Telegram bots and Mini Apps to create seemingly legitimate applications, as cited from Bleeping Computer on Monday (4/5/2026). Scammers disguise themselves as well-known brands or companies to build trust with potential victims. Some impersonated brands include Apple, Coca-Cola, Disney, eBay, IBM, Moon Pay, Nvidia, and YouKu. CTM360 researchers discovered scam activities using a shared backend. Several phishing domains were identified with the same API responses and infrastructure. CTM360 also reported that the FEMITBOT platform is used for scams such as fake cryptocurrency services, financial tools, AI applications, and streaming sites. The scam is executed through Telegram bots that include phishing sites. Users who interact are prompted to click “Start”. After completing that step, the bot launches a Mini App displaying the scam site. Within the site, there is a dashboard showing fake balances or earnings, often pressuring victims with countdown timers or limited-time offers to engage. Users are asked to make deposits or complete tasks when attempting to withdraw the offered funds. It is also reported that existing scam campaigns use tracking scripts like Meta and TikTok tracking pixels, typically to monitor user activity, measure conversions, and optimise performance.