Tag: Telegram | Page 2

Hackers Use Telegram, Signal, Dark Web to Help Iranian Protesters

September 30, 2022/in Mobile Security

Protesters against the Iran regime are getting a boost to aid their efforts from hacking groups who are using Telegram, Signal and the dark web to get around government restrictions.

“Key activities are data leaking and selling, including officials’ phone numbers and emails, and maps of sensitive locations. CPR sees the sharing of open VPN servers to bypass censorship and reports on the internet status in Iran, as well as the hacking of conversations and guides,” according to a blog post by Check Point Research (CPR), which shared five examples of the counterprotesters’ activities.

Telegram groups, the researchers said, include between 900 to 1,200 members, some of which offer a list of proxies and a VPN to maneuver around Iranian government censorship while another group helps protesters gain access to social media.

CPR noted the activities the day after protests began following the death of Mahsa Amini. “Specifically, hacker groups are allowing people in Iran to communicate with each other, share news and what is going on in different places, which is what the government is trying to avoid, to lower the flames,” CPR said. “As per usual with these uprisings, there are some hacking groups that are trying to make a profit from the situation and to sell information from Iran and the regime.”

Researchers specifically called out the Official Atlas Intelligence Group channel, a group with 900 members that uses Telegram to leak and sell data. They are “focusing on leaking data that can help against the regime in Iran, including officials’ phone numbers and emails and maps of sensitive locations,” PCR said, as well as “upsell” private information on the Iranian Revolutionary Guard Corp (RGC). They are also offering a list of proxies to help protesters bypass censorship in Iran.

The 5,000-strong Arvin group is also using the messaging platform to leak and sell data. Its focus is “on news from the protests in Iran, reports and videos from the streets where the protests are in Iran,” CPR said. They also provide Open VPN services and report on internet status in the country.

Red Blue is another group with 4,000 members and is also using Telegram to hack…

Source…

Telegram attacks: How to know if your account is compromised and how to improve security

September 14, 2022/in Mobile Security

When WhatsApp updated its terms and policies last year, it triggered concerns over privacy that led some users to seek out alternatives such as Telegram.

While the WhatsApp service itself included technology such as end-to-end encryption (E2EE) for privacy, the policy change indicated that it could begin sharing some data and user information with its parent company, Facebook (now Meta).

The resulting migration gave Telegram a massive boost to its userbase, which is now around 700 million worldwide versus WhatsApp’s two billion.

Like WhatsApp, Telegram also has E2EE to ensure protected messages cannot be easily read by unauthorised third parties. In 2017, security research firm Check Point Software Technologies released a report indicating that the E2EE on both platforms could be a potential vulnerability.

“The vulnerability allows an attacker to send the victim malicious code, hidden within an innocent-looking image. As soon as the user clicks on the image, the attacker can gain full access to the victim’s WhatsApp or Telegram storage data, thus giving full access to the victim’s account. The attacker can then send the malicious file to all the victim’s contacts, potentially enabling a widespread attack.

“Since messages were encrypted on the side of the sender, WhatsApp and Telegram were blind to the content and were therefore unable to prevent malicious content from being sent. After fixing this vulnerability, the content will now be validated before the encryption, allowing malicious files to be blocked,” the firm said.

Check Point disclosed its findings to the WhatsApp and Telegram security teams in March 2017, adding that the two companies had promptly acknowledged the issues raised and developed fixes for its worldwide web clients.

While this vulnerability has been addressed, Telegram’s popularity has still made it a more attractive target for hackers and scammers.

How to know when your Telegram is hacked?

Last month, Prime Minister Datuk Seri Ismail Sabri Yaakob lodged reports with the Malaysian Communications and Multimedia Commission (MCMC) and the police after his personal Telegram and Signal accounts were hacked.

It was believed that the accounts were…

Source…

Telegram and Discord Bots Delivering Infostealing Malware

July 28, 2022/in Computer Security

Intel471 researchers have warned users about how cybercriminals are converting popular apps against them.

A new report from security vendor Intel471 reveals how cybercriminals are using bots already deployed in messaging apps Discord and Telegram to deliver malware and steal user credentials.

In addition, these actors are targeting Roblox and Minecraft gaming platforms in similar attacks. Researchers pointed out that Discord’s content delivery network (CDN) is actively used for hosting malware because the platform doesn’t impose restrictions on file hosting.

The report revealed that these file hosting links are accessible to anyone without requiring authentication. This allows cybercriminals a credible “web domain to host malicious payloads.”

For your information, bots are used on Discord and Telegram so that users can play games, share data, and moderate channels to eliminate unwanted content. However, Intel471’s researchers identified that these can be used for delivering malware.

Some malware strains researchers found deployed in Discord’s CDN include Pay-Per-Install malware (PPI) Discoloader, PrivateLoader, Smokeloader, Agent Tesla, Autohotkey, Raccoon stealer, njRAT and many more.

Bots Stealing User Info from Systems

Researchers explained that threat actors use trojan malware to steal information from devices/systems attached to legit bots in the apps. The malware can steal a wide range of information. This includes the following:

Passwords
Bookmarks
Autofill data
Payment card data
Cryptocurrency wallets
Browser/session cookies
Microsoft Windows product keys
VPN (virtual private network) client logins

It is worth noting that using bots to spread malware on such platforms is nothing new. A report published last year explained how Telegram bots are stealing OTP (One-Time Password).

When it comes to Discord, there are a plethora of reports from cybersecurity companies explaining how one of the most frequently used messenger services in the world is used in spreading malware.

Messaging Apps Have Become Attackers’ C&C Mechanisms

According to Intel471’s report, cybercrooks use messaging apps like Telegram as their Command and…

Source…

How to Move WhatsApp Chats to Android, iPhone, Signal, and Telegram

June 25, 2022/in Mobile Security

Since early 2016, WhatsApp has protected messages and conversations sent in its app with end-to-end encryption. This means that nobody other than the sender and receiver of messages can read their content—not even Meta can read or snoop on the contents of your conversations.

Despite WhatsApp being omnipresent—more than 2 billion people use it each month—securely moving your encrypted chats and photos to different platforms or apps has been a challenge. Transferring your WhatsApp chats from Android to iPhone and from iPhone to Android has historically only been possible using third-party apps. These apps are often fiddly and don’t necessarily protect your data at the level offered by WhatsApp’s ecosystem.

But in recent months WhatsApp has made it possible to officially switch between iPhones and Android (and vice versa), rolling out processes to securely move data between operating systems and working with phone manufacturers to enable the move.

If you’re fed up with Meta’s ecosystem, it’s also possible to move your groups and some chat data to other messaging apps. Here’s how to move all of your WhatsApp chats and backups.

Android to iPhone

Moving your WhatsApp account from Android to an iPhone involves a few steps. But it should be possible to bring most of your information with you: Your profile photo, individual and group chats, history, photos, videos, and settings can all make the jump from one device to another. Your call history and display name can’t be moved across, however, WhatsApp says.

Most of the work in moving your WhatsApp data comes before you make the shift. To move between devices, you need to ensure you have the same phone number on each. Before you start the process, make sure you have a recently updated version of WhatsApp on your Android phone. You also need to be running at least Android 5 on the device you’re moving from and iOS 15.5 on the iPhone you’re moving to. (The iPhone needs to be a new device or have been recently reset to its factory settings.)

Next, download and install the “Move to iOS” app from Google’s Play Store—this Apple-owned app will do all the heavy lifting. When you’re ready to migrate your data, plug both…

Source…

Tag Archive for: Telegram

How to know when your Telegram is hacked?

Intel471 researchers have warned users about how cybercriminals are converting popular apps against them.

Bots Stealing User Info from Systems

Messaging Apps Have Become Attackers’ C&C Mechanisms