Telegram is an ever-evolving instant messaging service with client applications available for mobile and desktop platforms.
These include iOS, Android, macOS, Linux, and Windows. However, an active malicious advertising campaign appears to target the Telegram desktop client for Windows.
The information comes from Jannis kirschner, a Swiss security researcher, who came across said malware campaign while searching for the desktop app on Google.
According to Kirschner analysis, several Google results for the Windows Telegram client were part of the malware campaign.
These three bogus links namely telegramdesktop.org, telegramdesktop.com and telegramdesktop.net were rigged with malware instead of the supposed Windows binaries.
While all three links have now been archived by Kirschner’s team, their analysis led to them originally.
This has been possible due to numerous OpSec errors made by the authors while materializing the bogus Telegram malware campaign.
In addition, the second stage of the attack was also described by the vulnerability researcher where a common information thief, AZORult, is installed on the target machine.
It is good to see that steps to remove bogus Telegram Windows client links have already been taken.
Nevertheless, the authors are still there and are probably devising a new attack strategy.
So it is always best to keep an eye on the finer details when visiting popular sites or downloading popular apps, as these are the most common targets for such abusive practices.
That said, we’ll be back with more stories like this once more information becomes available, so stay tuned.
In the meantime, you can check out our dedicated Windows and Telegram sections to get the latest updates on the topics.
PiunikaWeb started out as an investigative tech journalism website, focusing primarily on “breaking” or “exclusive” news. In no time at all, our stories were picked up by Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors and many more. Do you want to know more about us? Head here.