Wednesday, May 18, 2022

Kaspersky Lab discovers zero-day vulnerability in Telegram messenger

Researchers from Kaspersky Lab have discovered a zero-day vulnerability in the messaging service Telegram that allowed hackers to mine cryptocurrency from machines with the desktop app installed.

The vulnerability has been exploited since March 2017, according to Kaspersky’s report. Hackers were able to use it to deliver multi-purpose malware by placing a hidden Unicode character within a file name. The character reversed the order in which characters in the name were displayed, so the file appeared under a different name than the one it actually had.

“It is generally used for coding languages that are written from right to left, like Arabic or Hebrew; however, it can also be used by malware creators to mislead users into downloading malicious files disguised, for example, as images,” the report says. “Kaspersky Lab reported the vulnerability to Telegram and, at the time of publication, the zero-day flaw has not since been observed in the messenger’s products.”
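A defensive check for the file-name trick described above, as an added example that is not part of the article or of Kaspersky's report. The article does not name the character; the example assumes it is the right-to-left override (U+202E), and the sample file names and function names are constructed for illustration.

```python
import os

# Unicode bidirectional formatting characters that can change display order.
BIDI_CONTROLS = {
    "\u200e": "LEFT-TO-RIGHT MARK",
    "\u200f": "RIGHT-TO-LEFT MARK",
    "\u202a": "LEFT-TO-RIGHT EMBEDDING",
    "\u202b": "RIGHT-TO-LEFT EMBEDDING",
    "\u202c": "POP DIRECTIONAL FORMATTING",
    "\u202d": "LEFT-TO-RIGHT OVERRIDE",
    "\u202e": "RIGHT-TO-LEFT OVERRIDE",
    "\u2066": "LEFT-TO-RIGHT ISOLATE",
    "\u2067": "RIGHT-TO-LEFT ISOLATE",
    "\u2068": "FIRST STRONG ISOLATE",
    "\u2069": "POP DIRECTIONAL ISOLATE",
}

def approximate_display(name):
    """Rough rendering: text after the first U+202E is shown reversed.
    This simplifies the Unicode bidi algorithm and ignores nesting."""
    head, sep, tail = name.partition("\u202e")
    if not sep:
        return name
    tail = "".join(c for c in tail if c not in BIDI_CONTROLS)
    return head + tail[::-1]

def inspect_filename(name):
    """Flag bidi control characters and compare the real and displayed extension."""
    found = [(i, BIDI_CONTROLS[c]) for i, c in enumerate(name) if c in BIDI_CONTROLS]
    real_ext = os.path.splitext(name)[1].lower()
    shown_ext = os.path.splitext(approximate_display(name))[1].lower()
    return {
        "suspicious": bool(found),
        "controls": found,
        "real_extension": real_ext,
        "shown_extension": shown_ext,
        "extension_mismatch": real_ext != shown_ext,
    }

# Constructed samples: a plain name, a name with U+202E, a genuine Hebrew name.
SAMPLES = ["holiday.png", "photo_high_re\u202egnp.js", "\u05e9\u05dc\u05d5\u05dd.txt"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), inspect_filename(sample))
```

The Hebrew sample is not flagged: right-to-left letters are legitimate in file names, and only the invisible formatting characters are treated as a signal.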

By using the victim’s PC computing power, hackers created different types of cryptocurrency such as Monero, Zcash, Fantomcoin and others. They also installed a command and control protocol that used the Telegram API, giving them remote access to the victim’s computer. Upon installation, the program operated in silent mode, allowing the threat to remain hidden in the network and install more spyware tools.

Kaspersky says the trail of breadcrumbs from these attacks suggests Russian cybercriminal activity.

“The popularity of instant messenger services is incredibly high, and it’s extremely important that developers provide proper protection for their users so that they don’t become easy targets for criminals,” said Alexey Firsh, malware analyst, targeted attacks research for Kaspersky Lab.

Kaspersky discovered mobile malware was stealing WhatsApp messages last month.

Alex Coop