Disclaimer: We sustain our work & review products through paid collaborations.
Telegram Facing Multiple Hacker Attacks from Russia

Telegram Facing Multiple Hacker Attacks from Russia


Telegram can’t seem to catch a break nowadays. It’s bad enough that the service is blacklisted in numerous totalitarian countries such as Russia, China, and Iran, but now they are also plagued by hackers and malware. There are two specific instances that deserve mentioning: the first is aimed at phishing for the user’s login credentials and hijacking the chat session, while the other is responsible for turning the victim’s computer into a cryptocurrency mining slave.

Telegram Facing Multiple Hacker Attacks from Russia

Interestingly, both malware types attack the desktops of Russian-speaking Telegram users, perhaps to discourage their citizens from accessing the service. Still, the dangers shouldn’t be taken lightly as viruses can easily evolve to affect everyone under the sun.

‘Telegrabbing’

A clever wordplay on the name of the host service, Telegrab surfaced in April 2018 and it grew into a secondary, more advanced form only a week after the original release. The virus impacts the desktop version of Telegram only, eyeing not only browser credentials and text files but also attempts to overtake an entire Telegram conversation. In short, all data related to your activity – login details, messages, browsing history – will be compromised.

Telegram Hacked

The malware is spread via an executable file. When the user attempts to run it, Telegrab quickly infects the system and starts looking for browser credentials, cookies and .TXT files to grab – hence the name. The advanced version also exploits Telegram by storing secret chat documents on the device to hijack messaging sessions. In the grand scheme of things, Telegrab is still a minor threat, but having your chat conversation stolen is undoubtedly a serious issue for anybody. The company was informed about the virus and it will hopefully update the app.

Crypto-slavery

The second type of malware is more like a whip-cracking overlord than an elusive data thief. It’s a prime example of a cryptojacking virus that secretly plants mining tools onto the subject’s computer that taps into the hardware power to generate numerous cryptocurrencies for the hackers. Just like Telegrab, this malware is also based on a clever exploit. Telegram has implemented a feature to recognize Arabic and Hebrew text that is read from right to left and the virus is using a special character to reverse the text order in the file name, disguising the executable as a seemingly harmless file like .PNG or .JPG images.

Cryptojacking in Action

Kaspersky Lab, who first reported the issue, has also pointed out that the virus is capable of stealing private information from the user’s computer, but not on the same scale as Telegrab. According to the security company the flaw has been exploited since 2017 but the main targets were Russian Telegram users.

Don’t open mystery boxes

As already mentioned, just because these malware programs are rampaging in Russia it doesn’t mean that you should slack on your own security. The best way to avoid virus infection is to avoid downloading and even accepting a transfer for any file coming from dubious sources. Always question your partner when they you send something without explanation – who knows, maybe their account has been taken over and it is trying spread the malware. And try to limit the sharing of personal information via messenger apps to a minimum, just for privacy’s sake.

Virus Found
Up to 73% off NordVPN 2-year plans
NordVPN logo
Subscribe to NordVPN through our affiliate link and save up to 73% on 2-year plans. Do it with no fear by knowing that your purchase is protected by a 30-day money-back guarantee.
Save Up to 73% on NordVPN

If you suspect that your computer has fallen victim to one of these devious tricks, do the following: monitor the power consumption of your CPU in the task manager and initiate a thorough scan via antivirus software. If your system is operating at max capacity despite being idle, then you are already under the thumb of a cryptojacking virus. A strong firewall might also save you from a whole lot of trouble, as will a VPN. The latter is especially handy if you are in Russia, considering the fact that the service cannot be accessed without otherwise masking your IP.


Best VPN services of 2025

Editor's choice

NordVPN

Editor's rating:
Easy to use on any device
Extra privacy and file sharing
Comprehensive online protection
Fast and reliable connections
Security

Surfshark

Editor's rating:
Easy to use everywhere
Enhanced online privacy
Fast and secure connections
Protect unlimited devices
Multi-device users

IPVanish

Editor's rating:
Protect all your devices
Ensures user privacy
Help anytime you need it
Strong online protection
Gaming

ExpressVPN

Editor's rating:
Works on all major platforms
Fast, smooth browsing
Easy for anyone to use
Added features for flexibility
Traveling

CyberGhost VPN

Editor's rating:
Enhanced privacy and security
Fair prices
Flexible IP address options
Protects all your devices
Streaming

ZoogVPN

Editor's rating:
Affordable VPN solution
Fast and stable connections
Straightforward platform
Protects your online privacy
Torrenting

Private Internet Access

Editor's rating:
Multiple device compatibility
Keeps your IP address private
Suitable for all users
Tailor settings to your needs
Beginners

TunnelBear

Editor's rating:
Intuitive and easy to use
Extra privacy and security
Blocks trackers and ads
Smooth, fast browsing

Discussions

Share your thoughts, ask questions, and connect with other users. Your feedback helps our community make better decisions.

©2012-2025 Best Reviews, a clovio brand – All rights reserved