Skip to content

February 13, 2018

Attackers used Telegram to deliver cryptocurrency-mining malware

by John_A

Kaspersky Lab says it spotted evidence of a vulnerability in the desktop version of Telegram that allowed attackers to install cryptocurrency mining malware on users’ computers. The zero-day exploit was used to trick Telegram users into downloading malicious files, which could then be used to deliver cryptocurrency mining software and spyware. According to Kaspersky, those behind the exploit used the computers their malware had been installed on to mine digital currencies like Monero, Zcash, Fantomcoin and others. Kaspersky also says it found a stolen cache of Telegram data on one of the attackers’ servers.

Telegram is a popular messaging service. And while its encryption has attracted users whose communications may be less than legal, its popularity has also attracted groups wanting to exploit its many users. Telegram was briefly pulled from Apple’s App Store earlier this month because users were sharing child pornography through it and it has remained a popular mode of communication for members of ISIS despite Telegram’s attempts to prevent it. Last month, Symantec discovered a fraudulent copy of Telegram on Google Play that served users ads as well as another that installed malware onto the systems of those who downloaded it.

Of course, sneaky cryptocurrency mining hijacks are nothing new. Attackers have targeted Android phones, government websites and Showtime’s streaming website, among many others. Kaspersky said it notified Telegram of the issue and it now appears to have been rectified. “The popularity of instant messenger services is incredibly high, and it’s extremely important that developers provide proper protection for their users so that they don’t become easy targets for criminals,” Kaspersky Malware Analyst Alexey Firsh said in a statement.

Via: Bloomberg

Source: Kaspersky

Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: