TeleGrab malware targets desktop Telegram Messenger users



Researchers from Cisco’s Talos team have discovered a strain of malware that specifically targets the Telegram chat service. Nicknamed TeleGrab in a post published by Talos, the malware specifically targets Telegram desktop users. The reason is that end-to-end encryption is not available in the desktop version, which allows access to all kinds of information. Since the mobile version of Telegram is end-to-end encrypted, it is possible that users of the desktop version may mistakenly believe that their conversations are protected as well (although the company explicitly states that this is not the case).

With all of this in mind, the analysis of the TeleGrab malware revealed some very interesting data. When first discovered in April, the malware “only stole browser credentials and cookies, as well as any text files it can find on the system.” In its second form, which was produced shortly after the initial discovery of TeleGrab, the malware added the ability to “collect Telegram’s desktop cache and key files, as well as login information for the video game storefront Steam.” Additionally, the malware is coded in Go, AutoIT, and Python, at least as far as has been discovered so far.

Research has also shown that the author of the Telegram malware, who uses the absurd pseudonym of Raccoon Hacker, is of Russian origin and primarily targets Russian speakers. Talos found in the source code that “the decoding of the user’s home directory is done using the CP-1251 character encoding scheme, which is primarily used for languages like Russian.” Raccoon Hacker has made no attempt to hide his identity, going so far as to post tutorials on hacking forums and YouTube to show how easy it is to use TeleGrab.

The best thing I can advise Telegram users right now is to avoid the desktop version until end-to-end encryption is added (which the company has expressed interest in doing). While Raccoon Hacker can be a proficient coder, he or she is likely to be caught afterwards. Someone so brazen with his attack, who pushes himself into public Internet forums to be recognized, does indeed fall on his own sword. The immaturity behind some of these actions suggests that Raccoon Hacker is young enough to be reformed. Hopefully that happens before the law cracks down, because these are some serious issues this kid is getting himself into.
