A stark new warning today, with millions of you exposed as a malicious new threat exploits Telegram to target you with dangerous malware—even if you’re not a user. If you’re hit by this cyber attack, you risk data theft, spyware, ransomware and even a complete system takeover. Here’s how to check if you’re infected.
Last year, Telegram’s Pavel Durov, warned that “using WhatsApp is dangerous.” But now that provocative attack has come back to bite. A new security report, issued today, warns of “a growing cyber threat where hackers use Telegram, the instant messaging app with over 500 million active users, as a command and control system.”
Durov’s WhatsApp warning focused on hacks to the Facebook-owned messenger itself, where, he said, backdoors had been planted to extract user data. He also cautioned WhatsApp users over the lack of end-to-end encrypted backups. These were very targeted, very specific attacks, perpetrated by sophisticated threat actors.
On a wider scale, the use of messengers to spread malware is not new. Earlier this month, Check Point warned that a rogue Netflix security-bypass app on Google’s Play Store was abusing Android’s “Notification Listening Service” to intercept incoming WhatsApp messages on victims’ phones, and then automatically reply to those messages with dangerous, malware-laced attachments and links.
Clearly, Telegram has that same risk—any messenger can be exploited to send dangerous messages, attachments and links, and you should always be wary of links and attachments, even if they appear to come from friends. But there are much more serious dangers with Telegram that can’t be mitigated by a user’s common sense alone.
Telegram is significantly more complex than its direct rivals, the likes of Facebook Messenger, WhatsApp, iMessage and Signal. Its architecture now serves more than 500 million users, through a spider’s web of connected endpoints and its own cloud back-end. It provides seemingly…