Kaspersky Lab discovers zero-day vulnerability in Telegram messenger

Researchers from Kaspersky Lab have discovered a zero-day vulnerability in the messaging service Telegram that allowed hackers to mine cryptocurrency from machines with the desktop app installed.

The vulnerability has been exploited since March 2017, according to Kaspersky’s report. Hackers were able to use it to deliver multi-purpose malware by inserting a special Unicode character into a file name. This reversed the order in which the characters were displayed, effectively renaming the file as the user saw it.

“It is generally used for coding languages that are written from right to left, like Arabic or Hebrew; however, it can also be used by malware creators to mislead users into downloading malicious files disguised, for example, as images,” the report says. “Kaspersky Lab reported the vulnerability to Telegram and, at the time of publication, the zero-day flaw has not since been observed in the messenger’s products.”
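The right-to-left trick described above can be caught before a file name is shown to a user. The following Python check is an added example, not code from the article or from Kaspersky's report: it flags bidirectional control characters in a file name, reports the extension that is actually stored, and approximates what the user would see. The function names and sample file names are constructed for illustration, and U+202E (RIGHT-TO-LEFT OVERRIDE) is assumed to be the character involved, since the article does not name the code point.

```python
import unicodedata

# Unicode bidirectional formatting characters that alter display order.
# U+202E (RIGHT-TO-LEFT OVERRIDE) is assumed here to be the one at issue.
BIDI_CONTROLS = {
    "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",  # embeddings and overrides
    "\u2066", "\u2067", "\u2068", "\u2069",            # isolates
    "\u200e", "\u200f", "\u061c",                      # directional marks
}


def inspect_filename(name):
    """Report bidi control characters found in a file name."""
    hits = [(i, f"U+{ord(c):04X}", unicodedata.name(c))
            for i, c in enumerate(name) if c in BIDI_CONTROLS]
    # The stored name, not the rendered one, decides how the file is opened.
    real_ext = name.rsplit(".", 1)[1].lower() if "." in name else ""
    return {
        "suspicious": bool(hits),
        "controls": hits,
        "escaped": name.encode("unicode_escape").decode("ascii"),
        "stripped": "".join(c for c in name if c not in BIDI_CONTROLS),
        "real_extension": real_ext,
    }


def approx_display(name):
    """Approximate rendering: reverse the text after U+202E up to U+202C or
    the end of the name. A simplification of the full Unicode bidi algorithm."""
    head, sep, tail = name.partition("\u202e")
    if not sep:
        return name
    body, _, rest = tail.partition("\u202c")
    return head + body[::-1] + rest


# Constructed sample names, for illustration only.
SAMPLES = ["invoice_\u202egnp.js", "holiday_photo.png"]

if __name__ == "__main__":
    for sample in SAMPLES:
        report = inspect_filename(sample)
        print(report["escaped"], "->", approx_display(sample),
              "| stored extension:", report["real_extension"],
              "| suspicious:", report["suspicious"])
```

A client or mail gateway can use the `escaped` or `stripped` form when displaying attachment names, and reject or quarantine any name for which `suspicious` is true.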

Using the computing power of the victim’s PC, hackers mined different types of cryptocurrency such as Monero, Zcash, Fantomcoin and others. They also installed malware that used the Telegram API as a command-and-control protocol, giving them remote access to the victim’s computer. Upon installation, the program operated in silent mode, allowing the threat to remain hidden in the network and install more spyware tools.

Kaspersky says the trail of breadcrumbs from these attacks suggests Russian cybercriminal activity.

“The popularity of instant messenger services is incredibly high, and it’s extremely important that developers provide proper protection for their users so that they don’t become easy targets for criminals,” said Alexey Firsh, malware analyst, targeted attacks research for Kaspersky Lab.

Last month, Kaspersky discovered mobile malware that was stealing WhatsApp messages.

Alex Coop
Former Editorial Director for IT World Canada and its sister publications.