Security News
Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems. First discovered in 2018, Purple Fox comes with rootkit capabilities that allow the malware to be planted beyond the reach of security solutions and evade detection.
A malicious Telegram instant-messaging app installer scurries past a slew of antivirus engines to deliver Purple Fox malware, evading detection by separating the attack into bite-sized morsels that fly under the radar. "We have often observed threat actors using legitimate software for dropping malicious files," analysts wrote.
A malicious Telegram for Desktop installer distributes the Purple Fox malware to install further malicious payloads on infected devices. The installer is a compiled AutoIt script named "Telegram Desktop.exe" that drops two files: an actual Telegram installer and a malicious downloader.
Attackers use the Telegram handle "Smokes Night" to spread the malicious Echelon infostealer, which steals credentials for cryptocurrency and other user accounts, researchers said. Attackers are targeting crypto-wallets of Telegram users with the Echelon infostealer, in an effort aimed at defrauding new or unsuspecting users of a cryptocurrency discussion channel on the messaging platform, researchers have found.
Telegram has added content protection support to enable users to block others from saving or forwarding posts shared in groups and channels. To enable content protection, Group and Channel owners have to restrict message forwarding in their chat, also blocking screenshotting via Android security policies and removing the ability to save media from posts.
The Italian financial crime agency has announced the arrest of several individuals suspected of managing Telegram channels to promote fake vaccine certificates, aka 'Green Passes.' Although the sellers claimed they had accomplices in the health department who could add false entries in the national database, thus rendering the generated QR codes valid, their Green Passes were fake.
Telegram has launched a new advertising program dubbed Ad Platform and offering the opportunity to display sponsored messages on the instant-messaging platform. First and foremost, Telegram advertising is not going to be targeted, which means that users will not be profiled by tracking their clicks and preferences.
Element, which makes Matrix-based communications and collaboration tools, has launched a consumer-oriented version of its messaging platform, complete with bridges for WhatsApp, Signal and Telegram. Over the months it has introduced supported bridging tech to allow enterprise users to message users on other platforms such as Slack, Teams and WhatsApp.
Belarusian law enforcement has published a list of Telegram channels that are now considered extremist and warned people that merely joining them would be punishable by up to seven years of imprisonment. The agency published a list of over 100 banned channels on a Telegram channel operated by the law enforcement agency.
This comes after competitors like Signal and Telegram shared info on a massive exodus of Facebook users joining or switching to other platforms following the 6-hour-long downtime that impacted Facebook, Instagram, and WhatsApp. Signal and Telegram also began experiencing in the wake of Facebook's global outage after millions of Facebook users were joining their platforms.