Hackers are unpredictable and they could come up with millions of ways to attack anything. This time attackers have compromised a non-profit cloud-based instant messaging service Telegram. According to Kaspersky Lab researchers, cyber-criminals have been able to exploit a vulnerability in Telegram to spread cryptocurrency miner to earn cryptocurrencies such as Monero and ZCash. The Telegram “zero day” flaw was used to distribute multipurpose malware, which depending on the device can be used either as a backdoor or as a tool to deliver mining software. First things first, let’s take a look at what is zero day vulnerability.
What is zero day vulnerability?
It is an attack that takes advantage of a security flaw on the same day that the vulnerability becomes generally known. In short, a zero-day attack happens once the vulnerability of software/hardware is exploited and attackers release malware before a coder has an opportunity to patch to fix the vulnerability. It can create problems well before anyone realizes something is wrong.
Telegram is one of the most popular end to end encrypted app used by cryptocurrency enthusiasts.
How Telegram vulnerability works?
- After that, they renamed this evil.js file as photo_high_re*U+202E*gnp.js.
- Now, as mentioned earlier, this *U+202E* is the right-to-left override unicode method which they used to make Telegram display the remaining string of the file gnp.js in reverse. It means, “gnp” is now displayed in reverse i.e. “png”.
- So, the name of the file is now “photo_high_resj.png” file. After completing this, attackers didn’t change the actual file extension .js.
- After that they sent the message to the recipient and recipient saw it as an incoming image file.
How to protect your PC from any such infection?
- Users should not download and click unknown files from untrusted sources
- Do not share any personal, confidential information in instant messengers
- Install reliable anti-virus.
You might also like
More from Crypto
We presented our curated list of CryptoTicker articles to get beginners started earlier. But, we do realize that once someone …
According to the Bitcoin magazine, Twitter - the popular micro blogging social media platform has started rolling out the earlier …
Bitcoin vs Ethereum is a never-ending battle. After the strong price rally, both cryptos are displaying tremendous growth. At the …