Telegram Users Duped Into Installing Cryptocurrency Miners
Russian cybercriminals found a sneaky fashion to generate funds last yr: they tricked Telegram users into installing cryptocurrency miners.
For over six months, the hackers exploited a vulnerability in the desktop version of the messaging app to deliver mining software to unsuspecting victims, Kaspersky Lab said on Tuesday.
These scammers abused the software's character encoding method to disguise malicious programs as seemingly harmless files. The pull a fast one on involves a special Unicode character called the "right to left override," which tin can let a developer reverse the character order in a file name. An executable listed equally "doc.exe," for example, can of a sudden look similar "exe.doctor."
Hackers have been exploiting this problems for years to trick victims into opening innocuous-looking files that plow out to be malware. Plainly, Russian cybercriminals realized the same fob worked on Telegram. For case, one of the schemes involved reversing the label to malicious Javascript file "gnp.js" to expect like a PNG image ending in "sj.png."
Kaspersky Lab said it found prove of the attacks going dorsum to final March, some of which successfully delivered cryptocurrency miners to victims' computers. In some of the attacks, hackers sent files that appeared to be images, merely really launched mining software designed to secretly generate the virtual currency Monero, Zcash, or Fantomcoin.
All the observed attacks occurred in Russia, according to Kaspersky Lab. Some of the figurer code in the hacking schemes, along with an FTP server, too used some Russian linguistic communication. In improver to mining cryptocurrencies, a carve up number of attacks delivered malware that tin take control of a computer.
The security firm learned of the vulnerability in October, and Telegram said it fixed the problem a month later.
It isn't articulate how many victims were targeted, but Telegram downplayed the threat. "Well, this is not a real vulnerability on Telegram Desktop," a technical support channel to the messaging app said. "No one tin can remotely have control of your computer or Telegram unless yous open a malicious file."
Nevertheless, the number of cryptocurrency mining-related hacks continues to soar. Computers hitting with mining malware can see a drop in the machine'southward performance, but anti-virus software tin can clean upward the infection.
Source: https://sea.pcmag.com/news/19585/telegram-users-duped-into-installing-cryptocurrency-miners
Posted by: maderforut1960.blogspot.com
0 Response to "Telegram Users Duped Into Installing Cryptocurrency Miners"
Post a Comment