Security News

Facebook outage leads to massive user exodus to Telegram, Signal
2021-10-06 11:52

This comes after competitors like Signal and Telegram shared info on a massive exodus of Facebook users joining or switching to other platforms following the 6-hour-long downtime that impacted Facebook, Instagram, and WhatsApp. Signal and Telegram also began experiencing in the wake of Facebook's global outage after millions of Facebook users were joining their platforms.

Threat Actors Weaponize Telegram Bots to Compromise PayPal Accounts
2021-09-29 13:55

Cybercriminals are using Telegram bots to steal one-time password tokens and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found. Threat actors are using Telegram bots and channels and a range of tactics to gain account information, including calling victims, and impersonating banks and legitimate services, researchers said.

MacOS Flaw in Telegram Retrieves Deleted Messages
2021-08-05 15:26

A vulnerability in a high-level privacy feature of Telegram on macOS that sets up a "Self-destruct" timer for messages on both the sender's and recipient's devices can allow someone to retrieve these messages even after they've been deleted, a researcher has found. Reegun Richard Jayapaul, Trustwave SpiderLabs Lead Threat Architect, discovered the flaw in the Self-Destruct feature of Telegram MacOS, which is part of the Secret-Chats aspect of the messaging app that uses end-to-end encryption.

Telegram for Mac bug lets you save self-destructing messages forever
2021-08-05 13:00

Researchers have discovered a way for users on Telegram for Mac to keep specific self-destructing messages forever or view them without the sender ever knowing. New bugs discovered by Reegun Richard Jayapaul, Trustwave SpiderLabs' Lead Threat Architect, allow Telegram for Mac users to save self-destructing messages and attachments forever.

Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software
2021-07-25 20:38

A malware known for targeting macOS operating system has been updated once again to add more features to its toolset that allows it to amass and exfiltrate sensitive data stored in a variety of apps, including apps such as Google Chrome and Telegram, as part of further "Refinements in its tactics." Earlier this April, XCSSET received an upgrade that enabled the malware authors to target macOS 11 Big Sur as well as Macs running on M1 chipset by circumventing new security policies instituted by Apple in the latest operating system.

MacOS malware steals Telegram accounts, Google Chrome data
2021-07-23 19:29

Security researchers have published details about the method used by a strain of macOS malware to steal login information from multiple apps, enabling its operators to steal accounts. Dubbed XCSSET, the malware keeps evolving and has been targeting macOS developers for more than a year by infecting local Xcode projects.

A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran
2021-06-17 03:25

Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan capable of stealing sensitive information from targets' devices since at least 2015. Russian cybersecurity firm Kaspersky, which pieced together the activity, attributed the campaign to an advanced persistent threat group it tracks as Ferocious Kitten, a group that has singled out Persian-speaking individuals allegedly based in the country while successfully operating under the radar.

Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales
2021-05-12 19:51

Telegram groups are being abused by fraudsters peddling fake COVID-19 vaccination cards to the unvaccinated and anti-vaxxer communities, according to researchers. "When it became a bigger possibility of being able to travel, or when certain events began to require proof of vaccination, we started to see people posting vaccine cards for sale or soliciting vaccine cards for themselves," she told Threatpost in an interview.

Telegram Platform Abused in ‘ToxicEye’ Malware Campaigns
2021-04-22 13:17

A victim's computer infected with the ToxicEye malware is controlled via a hacker-operated Telegram messaging account. This growing Telegram userbase has led to a corresponding surge by attackers pelting the Telegram platform with a slew of common malware, researchers report.

Cybercriminals Using Telegram Messenger to Control ToxicEye Malware
2021-04-22 04:21

Adversaries are increasingly abusing Telegram as a "Command-and-control" system to distribute malware into organizations that could then be used to capture sensitive information from targeted systems. In September 2019, an information stealer dubbed Masad Stealer was found to plunder information and cryptocurrency wallet data from infected computers using Telegram as an exfiltration channel.