Telegram deployed to send malware
The secure messaging service Telegram was used by hackers to send a new type of malware to users. That is what security company Kaspersky writes. The problem has now been solved.
An unprecedented bug, a 'zero day' vulnerability in the desktop version of Telegram, would have been used to send malware to its users. That says Russian security company Kaspersky Lab . That malware would have been used since March 2017 to infect Russian users. The malware has various functions, including the use of the infected computers to extract cryptocurrency such as Monero and Zcash. Kaspersky also says he has found a zipper stolen Telegram data on the hackers' servers.
Telegram is at nine in the list of most popular mobile messaging apps, and has just under 200 million users. It is best known as an encrypted service. Only the desktop version of the service is infected.
Right to left
To send their malware, the hackers used a feature in Telegram that automatically detects automatically whether a text was written in Arabic or Hebrew, Kaspersky writes. Those languages are read from right to left, and a vulnerability in them could mask a Javascript file as an innocent image file. Example: a file with a name like 'photo_regnp.js' is automatically converted to 'photo_resj.png' with the correct code. As soon as the users actually open that apparent image file, the malware is downloaded.
According to Kaspersky, only versions of the malware were found in Russia. The security guard also thinks that it concerns Russian cyber criminals. Incidentally, the vulnerability would not be unique to Telegram. A similar method would also make it possible to crack the more popular WhatsApp. Kaspersky reported the problem to Telegram in October, and it would have been resolved in the meantime.
Telegram itself calls for not to panic, and insists that the attack only works when a user downloads and opens an image file. "This is not really a vulnerability in Telegram Desktop," CEO Pavel Durov writes on his channel , "no one can remotely take over your computer or Telegram unless you open a (malicious) file."
Telegram is a popular app that sells as an extra secure alternative. In this sense it is often used by dissidents (but also extremists ). The app was also thrown out of the app store earlier this month because it would have been used to share child pornography . The company can miss all that daring as a toothache, especially now that it is preparing an ICO. The company hopes to raise 2 billion dollars with the alternative IPO, in which it will sell online tokens. These can then be exchanged as an alternative currency, as is already the case with Bitcoin or Ethereum.