Best Reviews logo
Best Reviews may receive compensation for its content through paid collaborations. See how we sustain our work & review products.
Telegram Facing Multiple Hacker Attacks from Russia

Telegram Facing Multiple Hacker Attacks from Russia

By Tamás Ő.Tamás Ő. Verified by Sander D.Sander D. Last updated: November 27, 2024 (0)

Telegram can’t seem to catch a break nowadays. It’s bad enough that the service is blacklisted in numerous totalitarian countries such as Russia, China, and Iran, but now they are also plagued by hackers and malware. There are two specific instances that deserve mentioning: the first is aimed at phishing for the user’s login credentials and hijacking the chat session, while the other is responsible for turning the victim’s computer into a cryptocurrency mining slave.

Interestingly, both malware types attack the desktops of Russian-speaking Telegram users, perhaps to discourage their citizens from accessing the service. Still, the dangers shouldn’t be taken lightly as viruses can easily evolve to affect everyone under the sun.

‘Telegrabbing’

A clever wordplay on the name of the host service, Telegrab surfaced in April 2018 and it grew into a secondary, more advanced form only a week after the original release. The virus impacts the desktop version of Telegram only, eyeing not only browser credentials and text files but also attempts to overtake an entire Telegram conversation. In short, all data related to your activity – login details, messages, browsing history – will be compromised.

Telegram Hacked

The malware is spread via an executable file. When the user attempts to run it, Telegrab quickly infects the system and starts looking for browser credentials, cookies and .TXT files to grab – hence the name. The advanced version also exploits Telegram by storing secret chat documents on the device to hijack messaging sessions. In the grand scheme of things, Telegrab is still a minor threat, but having your chat conversation stolen is undoubtedly a serious issue for anybody. The company was informed about the virus and it will hopefully update the app.

Crypto-slavery

The second type of malware is more like a whip-cracking overlord than an elusive data thief. It’s a prime example of a cryptojacking virus that secretly plants mining tools onto the subject’s computer that taps into the hardware power to generate numerous cryptocurrencies for the hackers. Just like Telegrab, this malware is also based on a clever exploit. Telegram has implemented a feature to recognize Arabic and Hebrew text that is read from right to left and the virus is using a special character to reverse the text order in the file name, disguising the executable as a seemingly harmless file like .PNG or .JPG images.

Cryptojacking in Action

Kaspersky Lab, who first reported the issue, has also pointed out that the virus is capable of stealing private information from the user’s computer, but not on the same scale as Telegrab. According to the security company the flaw has been exploited since 2017 but the main targets were Russian Telegram users.

Don’t open mystery boxes

As already mentioned, just because these malware programs are rampaging in Russia it doesn’t mean that you should slack on your own security. The best way to avoid virus infection is to avoid downloading and even accepting a transfer for any file coming from dubious sources. Always question your partner when they you send something without explanation – who knows, maybe their account has been taken over and it is trying spread the malware. And try to limit the sharing of personal information via messenger apps to a minimum, just for privacy’s sake.

Up to 74% off NordVPN and 3 months extra
NordVPN logo
Subscribe to NordVPN during Black Friday to save up to 74% on your subscription and get three months extra – translating into the low monthly fee of $2.99. Offer is valid until December 10th.
Save Up to 74% on NordVPN

If you suspect that your computer has fallen victim to one of these devious tricks, do the following: monitor the power consumption of your CPU in the task manager and initiate a thorough scan via antivirus software. If your system is operating at max capacity despite being idle, then you are already under the thumb of a cryptojacking virus. A strong firewall might also save you from a whole lot of trouble, as will a VPN. The latter is especially handy if you are in Russia, considering the fact that the service cannot be accessed without otherwise masking your IP.


Best VPN services of 2024

Editor's choice 2024
NordVPN logo
Editor's rating:
(4.5)
Intuitive multiplatform apps
Double VPN and P2P support
Plenty of security features
Large VPN network with consistent speeds
Security
Surfshark logo
Editor's rating:
(4)
Intuitive multiplatform apps
Double VPN
WireGuard protocol
Outstanding device support
Multi-device users
IPVanish logo
Editor's rating:
(4.5)
Unlimited devices
No-log policy
24/7 support
Reliable security tools
Gaming
ExpressVPN logo
Editor's rating:
(4)
Extensive device support
Exceptional speed
Intuitive apps
Convenient extras
Traveling
CyberGhost VPN logo
Editor's rating:
(4.5)
Suitable for all VPN users
Great security features
Seven simultaneous connections
24/7 customer support
Streaming
ZoogVPN logo
Editor's rating:
(4.5)
24/7 customer service
Competitive price
Good connection speed
Based in Greece
Torrenting
Private Internet Access logo
Editor's rating:
(4.5)
Unlimited devices
DNS leak protection
Suitable for all users
Completely customizable
Beginners
TunnelBear logo
Editor's rating:
(4)
Very easy and fun to use
Kill switch and traffic obfuscato
Browser extensions and Chrome blocker
Good speeds
User Feedback

 Leave a reply

Your email address will not be published. Required fields are marked *


Best Reviews

Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.

©2012-2024 Best Reviews, a clovio brand – All rights reserved
Privacy policy · Cookie policy · Terms of use · Partnerships · Contact us