Tag Archives: telegram

Hackers Exploit ‘Telegram Messenger’ Zero-Day Flaw to Spread Malware

telegram-vulnerability

A zero-day vulnerability has been discovered in the desktop version for end-to-end encrypted Telegram messaging app that was being exploited in the wild in order to spread malware that mines cryptocurrencies such as Monero and ZCash.

The Telegram vulnerability was uncovered by security researcher Alexey Firsh from Kaspersky Lab last October and affects only the Windows client of Telegram messaging software.

The flaw has actively been exploited in the wild since at least March 2017 by attackers who tricked victims into downloading malicious software onto their PCs that used their CPU power to mine cryptocurrencies or serve as a backdoor for attackers to remotely control the affected machine, according to a blogpost on Securelist.

Here’s How Telegram Vulnerability Works

The vulnerability resides in the way Telegram Windows client handles the RLO (right-to-left override) Unicode character (U+202E), which is used for coding languages that are written from right to left, like Arabic or Hebrew.

According to Kaspersky Lab, the malware creators used a hidden RLO Unicode character in the file name that reversed the order of the characters, thus renaming the file itself, and send it to Telegram users.

For example, when an attacker sends a file named “photo_high_re*U+202E*gnp.js” in a message to a Telegram user, the file’s name rendered on the users’ screen flipping the last part.

Therefore, the Telegram user will see an incoming PNG image file (as shown in the below image) instead of a JavaScript file, misleading into downloading malicious files disguised as the image.

“As a result, users downloaded hidden malware which was then installed on their computers,” Kaspersky says in its press release published today.

Kaspersky Lab reported the vulnerability to Telegram and the company has since patched the vulnerability in its products, as the Russian security firm said: “at the time of publication, the zero-day flaw has not since been observed in messenger’s products.”

Hackers Used Telegram to Infect PCs with Cryptocurrency Miners

telegram-vulnerability

During the analysis, Kaspersky researchers found several scenarios of zero-day exploitation in the wild by threat actors. Primarily, the flaw was actively exploited to deliver cryptocurrency mining malware, which uses the victim’s PC computing power to mine different types of cryptocurrency including Monero, Zcash, Fantomcoin, and others.

While analyzing the servers of malicious actors, the researchers also found archives containing a Telegram’s local cache that had been stolen from victims.

In another case, cybercriminals successfully exploited the vulnerability to install a backdoor trojan that used the Telegram API as a command and control protocol, allowing hackers to gain remote access to the victim’s computer.

“After installation, it started to operate in a silent mode, which allowed the threat actor to remain unnoticed in the network and execute different commands including the further installation of spyware tools,” the firm added.

Firsh believes the zero-day vulnerability was exploited only by Russian cybercriminals, as “all the exploitation cases that [the researchers] detected occurring in Russia,” and a lot of artifacts pointed towards Russian cybercriminals.

The best way to protect yourself from such attacks is not to download or open files from unknown or untrusted sources.

The security firm also recommended users to avoid sharing any sensitive personal information in messaging apps and make sure to have a good antivirus software from reliable company installed on your systems.

Telegram Agrees to Register With Russia to Avoid Ban, But Won’t Share User Data

telegram-russia-data-protection-law

After being threatened with a ban in Russia, end-to-end encrypted Telegram messaging app has finally agreed to register with new Russian Data Protection Laws, but its founder has assured that the company will not comply to share users’ confidential data at any cost.

Russia’s communications watchdog Roskomnadzor had recently threatened to block Telegram if the service did not hand over information required to put the app on an official government list of information distributors.

The Russian government requirement came following terrorists’ suicide bombings that killed 15 people in Saint Petersburg in April in which terrorists allegedly used the Telegram‘s app to communicate and plot attacks.

“There is one demand, and it is simple: to fill in a form with information on the company that controls Telegram,” said Alexander Zharov, head of Roskomnadzor. 

“And to officially send it to Roskomnadzor to include this data in the registry of organizers of dissemination of information. In case of refusal… Telegram shall be blocked in Russia until we receive the needed information.”

Telegram CEO Pavel Durov refused to comply with the country’s requirements because he feared that it would weaken the privacy of its over 6 Million Russian users.

Telegram: No Confidential Data of Users will be Shared

However, after facing pressure from the government, Durov agreed on Wednesday to just register with the Russian government, but the company wouldn’t store citizens’ information on the Russian servers.

The Russian Federal Service for Supervision Of Communications, Information Technology and Mass Media (Roskomnadzor) announced on Wednesday that Telegram had finally presented all the requirements.

Roskomnadzor is a federal executive body in Russia responsible for overseeing the media, including the electronic media, mass communications, information technology and telecommunications; organizing the work of the radio-frequency service; and overseeing compliance with the law protecting the confidentiality of its users’ personal data.

Durov announced his decision via VK.com, the Russian version of Facebook, adding that while he’s happy for Telegram to be formally registered in Russia, anything that violates users’ privacy will not be served — only basic information about the company will be shared.

“We will not comply with unconstitutional and technically impossible Yarovaya Package laws—as well as with other laws incompatible with the protection of privacy and Telegram’s privacy policy,” Durov said.

Telegram is an end-to-end encrypted messaging app, but unlike WhatsApp, Telegram does not offer the end-to-end messaging feature to its users by default. Rather users need to open encrypted chats to communicate securely.

How to Communicate Securely with Telegram 

If you are communicating with people on Telegram thinking that your chats are end-to-end encrypted, you are mistaken, because all your chats will be stored in plain text on Russian servers, making it possible for the government to request it with court orders, when required.

So, always make sure that you communicate with people on Telegram using its encrypted chat feature. Here’s how to start an end-to-end encrypted chat on Telegram:

  • Open Telegram app
  • Select the contact you want to communicate
  • Click on his/her name
  • Select ‘Start Secret Chat’ (highlighted in green color)
  • A new, secure chat window will open, where you can communicate securely.

You can also enable other security features offered by Telegram.

These features include Two-Step Verification that allows you to set up an additional passcode for your Telegram account, which is also required to log into your account and Self-Destruct Secret Chats that lets you self-destruct your messages after a specified time (between 1 second and 1 week), leaving no trace on Telegram servers.

Powered by WPeMatico

Russia Threatens to Ban Telegram Messaging App, Says It Was Used By Terrorists

russia-telegram-data-law

Russia has threatened a ban against Telegram end-to-end encrypted messaging app, after Pavel Durov, its founder, refused to sign up to the country’s new data protection laws.

Russia’s FSB intelligence service said on Monday that the terrorists who killed 15 people in Saint Petersburg in April had used the Telegram encrypted messaging service to plot the attacks.

According to the new Russian Data Protection Laws, since January 1, all foreign tech companies have been required to store past six months’ of the personal data of its citizens and encryption keys within the country; which the company has to share with the authorities on demand.

“There is one demand, and it is simple: to fill in a form with information on the company that controls Telegram,” Alexander Zharov said, head of communications regulator Roskomnadzor (state communications watchdog).

“And to officially send it to Roskomnadzor to include this data in the registry of organizers of dissemination of information. In case of refusal… Telegram shall be blocked in Russia until we receive the needed information.”

Russian wants Telegram to share its users’ chats and crypto keys if asked, as the encrypted messaging app has become widely popular among terrorists for operating inside Russia.

Founder Pavel Durov said on Twitter that Intelligence agencies had pressured the company to weaken its encryption or install a backdoor.

So far, Telegram has refused to comply with the requirements in order to protect the privacy of its more than 6 million Russian users.

November last year, LinkedIn, the world’s largest online professional network, was also banned in Russia for not complying with the country’s data protection laws.

Powered by WPeMatico

Telegram Messenger Adds AI-powered Encrypted Voice Calls

Joining the line with rival chat apps WhatsApp, Viber, Facebook Messenger, and Signal, the Telegram instant messaging service has finally rolled out a much-awaited feature for the new beta versions of its Android app: Voice Calling.

And what’s interesting? Your calls will be secured by Emojis, and quality will be better using Artificial Intelligence.

No doubt the company brought the audio

Read More

Telegram Hacked? Turn ON Important Security Settings to Secure your Private Chats

We have heard a lot about data breaches nowadays. And if you think that switching to an encrypted messaging service may secure you and your data, then you may be wrong.

No good deed today can help you protect yourself completely.

Reuters and several media outlets are reporting that the phone numbers of 15 Million users in Iran and more than a dozen accounts on the Telegram instant messaging

Read More

Iran orders all Messaging Apps to store its citizens' data within Country

Last year, Iran blocked Telegram and many other social networks after their founders refused to help Iranian authorities to spy on their citizens.

Now it looks like Iranian government wants tighter controls on all foreign messaging and social media apps operating in the country that will give the authorities a wider ability to monitor and censor its people.
<!– adsense –>
All foreign

Read More

In-Brief: Telegram Vulnerability, Malware in Nuclear Plant, Anti-Tor Malware and Hotpatching Exploit

Clickjacking Vulnerability in Telegram Web Client
The official Telegram web-client that allows its users to access messenger account over desktop’s web browser is vulnerable to clickjacking web application vulnerability.

Egyptian security researcher Mohamed A. Baset told The Hacker News about a flaw in Telegram that could allow an attacker to change sensitive information of a Telegram user,

Read More

What does the future hold for our privacy?

Nothing is ever certain about our future, but when it comes to privacy, we can take a look at current trends and make some educated guesses as to what we will see tomorrow, next year, or even in 10 years’ time…

Looking at those trends, it’s clear that no matter how people’s privacy is violated and taken away, there will always be new tools to help protect it combat them and most important of all, keep people in control of their own privacy.

Innovation helps both sides of the spectrum and will lead to many games of cat and mouse moving forward into the future. To be more specific though I see two primary areas where privacy will be influenced the most in the future: anonymity and user owned data.

 

Anonymity

Being anonymous is one of the hardest things to do, if not impossible, in this day and age. With the prevalence of online tracking, government surveillance, and login systems everywhere it is very difficult to keep things to yourself unless you are willing to forgo the online world. While there are many services that start to offer “anonymous” services such as Secret and Telegram, there is always something that is connecting your device to the posts you do or the interactions you make. That’s why I see a future where pseudo-anonymity is commonplace.

Pseudo-anonymity would allow people to be anonymous to others and possibly to the application they are interacting with, but still be able to put together a profile and have an account. Adopting a pseudo-anonymous system has potential far beyond simple messaging apps and in something like Bitcoin, has the potential to really change the world.

In Bitcoin, everyone has a public address where you can see where Bitcoins are being sent to and from, and follow transactions very publicly, but you can’t actually identify the person that has the addresses unless they specifically tell you. This form of pseudo-anonymity is regarded as a positive step for privacy as it allows for direct audits and transparency of information while still letting individuals control their identifiable data.

Bitcoin is just one example of pseudo-anonymous technology, while even Facebook is taking steps to allow for Facebook login where apps cannot access your identity but rather just verify you are a person. It’s important I think to separate out task of verifying users as real people and learning their identities. That way we can have quality services supported by real users but without them having to sacrifice their privacy. Pseudo-anonymityis a good bridge for these two things.

 

User Owned Data

Right now as you browse the web there are dozens of companies that are collecting information about what you search for, what pages you visit, what you watch, and more. These companies make inferences about you such as your gender, income bracket, and marital status. They then sell this information to advertisers who will try to serve you with more relevant ads so that you are more inclined to click on them. This is the current status quo but it relies heavily on inferences and guesswork, which means there is a limit to how accurate the information can be.

Currently many companies have tried to bring user control to this aspect of online data collection, but nobody has truly succeeded. To get users to willingly hand over their data to companies, there needs to be a high enough value proposition for the users. Facebook and Google do a great job of this currently by providing free services that we use every day in return for data to be used for advertising. Other companies are still trying to crack the code on what would be valuable enough to these users. Online advertising is still in a high growth phase though and has a strong outlook to expand and grow into the future. Once advertising matures enough, it may become worth enough for other companies to be able to provide proper incentives to users in return for access to their data.

While nobody can predict the future we can help build the future we want to be a part of. The next time you sign up for a site or enter a competition in exchange for your email address and phone number, consider what information you are really giving up, who is getting access to it, and how it will be used. If we want a future where we are all more in control of our privacy we must start to take better care of our data.

 

If you have any ideas of what would be ideal in your future for privacy, let us know in the comments or drop us a line on our Facebook page at https://www.facebook.com/AVG.

Read More