Tag Archive for: Telegram

Hackers exploit zero-day flaw in Telegram to mine cryptocurrency

/in

  1. Hackers exploit zero-day flaw in Telegram to mine cryptocurrency  CSO Online

  2. Telegram zero-day exploit is a warning  ComputerWeekly.com
  3. Stinging Telegram: Attackers exploit zero-day flaw in app to fool users into malicious downloads  SC Magazine
  4. Hackers exploited Telegram messenger zero-day vulnerability to spread multipurpose malware | Kaspersky Lab  Kaspersky Lab
  5. Kaspersky Says Telegram Flaw Used for Cryptocurrency Mining  Bloomberg

    6. Full coverage

zero day exploit – read more

Critical Telegram flaw under attack disguised malware as benign images

/in

Enlarge (credit: Kaspersky Lab)

Makers of the Telegram instant messenger have fixed a critical vulnerability that hackers were actively exploiting to install malware on users’ computers, researchers said Tuesday.

The flaw, which resided in the Windows version of the messaging app, allowed attackers to disguise the names of attached files, researchers from security firm Kaspersky Lab said in a blog post. By using the text-formatting standard known as Unicode, attackers were able to cause characters in file names to appear from right to left, instead of the left-to-right order that’s normal for most Western languages.

The technique worked by using the special Unicode formatting *U+202E*, which causes text strings following it to be displayed from right to left. As a result, Telegram for Windows converted files with names such as “photo_high_regnp.js” to “photo_high_resj.png,” giving the appearance they were benign image files rather than files that executed code.

Read 2 remaining paragraphs | Comments

Biz & IT – Ars Technica

Telegram lets scammers connect directly with potential victims by way of stored contacts

/in
Telegram lets scammers connect directly with potential victims by way of stored contacts

Scammers can use the Telegram mobile messaging app to connect with a potential victim if they already have their phone number in their contact list.

David Bisson reports.

Graham Cluley

Trump doc claims Russia has cracked Telegram messaging service

/in

The raw intelligence document published this week that contains salacious stories about Donald Trump also offers up a glimpse into how Russia goes about its cyber spying – including the tidbit that it has cracked Telegram’s encrypted instant messaging service.

While none of the 35-page document is substantiated, it is detailed, and at least some of it is considered credible enough by U.S. intelligence agencies for them to have briefed Trump and President Barack Obama on it.

According to the documents prepared by a former British spy, a “cyber operative” for the Russian Federal Security Service (FSB) told him that Telegram no longer posed an issue for the government. “His/her understanding was that the FSB now successfully had cracked this communication software and therefore it was no longer secure to use,” the document says.

To read this article in full or to leave a comment, please click here

Network World Tim Greene