Kaspersky Labs, a Russian cyber-security firm, discovered that cyber thugs have been using a zero-day flaw in the Telegram app to exploit users by mining cryptocurrencies on their machines. According to the firm, the thugs first infect the user with malware that mines privacy-centric cryptocurrencies such as Zcash, Monero and others. Unfortunately, Telegram is the only desktop app targeted.
This attack is the latest case in the ongoing trend of cryptojacking. Earlier, there was a massive case in which hackers hijacked tons of Android devices with the intention of mining Monero. The trend accelerated when The Pirate Bay, the popular torrent-index site, experimented with mining Monero on its users' PCs as an alternative to running ads.
According to the firm's reports, the hackers have been actively exploiting this vulnerability since March 2017. To gain access to users' PCs, they took advantage of the Telegram feature that lets it recognize languages such as Hebrew and Arabic, which are written backward.
Using a hidden character within that feature, one that reverses the order of the characters following it, they were able to rename files as the user saw them. Users were therefore tricked into installing files that carried malware. Afterwards, the attackers had backdoor access to the victims' machines and used their computers to mine cryptocurrencies. In one interesting case, the researchers obtained archives containing a Telegram cache that had been illicitly taken from a victim's PC.
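A defensive check for the renaming trick described above, added here as an example and not taken from Kaspersky's report or Telegram's code. It assumes the hidden character is one of Unicode's bidirectional control characters, such as U+202E RIGHT-TO-LEFT OVERRIDE; the file names, extension list and function names are constructed for illustration.

```python
import unicodedata

# Invisible Unicode controls that change display order (assumed set for this example).
BIDI_CONTROLS = set("\u202a\u202b\u202c\u202d\u202e"   # LRE RLE PDF LRO RLO
                    "\u2066\u2067\u2068\u2069"         # LRI RLI FSI PDI
                    "\u200e\u200f\u061c")              # LRM RLM ALM
# Extensions that run code when opened (illustrative, not exhaustive).
RISKY_EXTENSIONS = {"js", "exe", "scr", "bat", "cmd", "vbs", "lnk", "jar", "hta"}


def real_extension(name):
    """Extension taken from the stored characters, not from how they are drawn."""
    clean = "".join(c for c in name if c not in BIDI_CONTROLS)
    return clean.rsplit(".", 1)[-1].lower() if "." in clean else ""


def displayed_name(name):
    """Rough model of what a UI draws: text after U+202E appears reversed.
    Only the override is modelled, not the full bidirectional algorithm."""
    head, _, tail = name.partition("\u202e")
    tail = "".join(c for c in tail if c not in BIDI_CONTROLS)
    return head + tail[::-1]


def check_filename(name):
    """Report hidden direction controls and whether they mask a risky extension."""
    controls = [unicodedata.name(c) for c in name if c in BIDI_CONTROLS]
    ext = real_extension(name)
    return {
        "controls": controls,
        "real_ext": ext,
        "displayed": displayed_name(name),
        "flag": bool(controls),
        "high_risk": bool(controls) and ext in RISKY_EXTENSIONS,
    }


if __name__ == "__main__":
    # Constructed sample names: a plain file, a masked script, a Hebrew-named PDF.
    samples = ["holiday_photo.png", "invoice_\u202efdp.js", "\u05d3\u05d5\u05d7.pdf"]
    for sample in samples:
        result = check_filename(sample)
        verdict = "HIGH RISK" if result["high_risk"] else "flag" if result["flag"] else "ok"
        print(f"{verdict:9} shown={result['displayed']!r} real_ext={result['real_ext']!r} "
              f"controls={result['controls']}")
```

A file name written in Hebrew or Arabic letters is not flagged by itself; only the invisible direction controls are, which is what separates ordinary right-to-left names from a masked extension.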
According to the post, after its installation, it would start operating in silent mode. This allowed the threat to remain unnoticed as it executed commands that included installing other spyware tools.
Further investigation by Kaspersky revealed that the malicious software has been found only in Russia, and several clues point to Russian cybercriminals. Additionally, Telegram may not be the only vulnerable app: Kaspersky identified that WhatsApp had an exploit that would give criminals the ability to steal messages.
After Telegram was contacted about the issue in October 2017, the problem was quickly fixed by November. The messaging company further stated that the attacks were attributable to social engineering and would only work if the user had downloaded the file.
The founder of Telegram, Pavel Durov, explained that the issue should not necessarily be branded a vulnerability in the messenger app, because no one can remotely get into another person's Telegram or PC unless that person opens the file. Moreover, he stated that such reports should always be treated with a high degree of skepticism, as most antivirus companies exaggerate issues out of proportion for publicity.
The messaging app is working towards setting up an ICO that would have the potential to raise billions. The project aims to develop the Gram, which will essentially function as the native cryptocurrency of the Open Telegram network. This record-breaking ICO is set to reach 200 million in the initial months of 2018.