Bitcoin, Cryptocurrency And Blockchain News

Telegram Zero-Day Flaw Leads to Hacking

Hackers Use Flaw in Telegram to Mine Cryptocurrencies


Messaging apps are very popular in this day and age because they provide a reliable and easy way to keep in touch. However, following the recent manipulation of a vulnerability in Telegram by hackers wishing to mine cryptocurrency, which was discovered by Kaspersky, it is important for developers of instant messaging applications to come up with adequate measures to protect their users.

Vulnerability in Telegram 

It seems like the instant messaging app Telegram is not so private after all. According to the global anti-virus provider Kaspersky lab, hackers have been taking advantage of a vulnerability in the app to use it for cryptocurrency mining.

The zero-day flaw which is based on the right-to-left override (RLO) Unicode was used by hackers as a backdoor to mine cryptocurrencies. The RLO Unicode is used for coding languages that are often written from right to left such as Hebrew and Arabic. However, the code is also used by hackers to trick unknowing users into downloading malware that might be in the form of images. A hidden Unicode character in the file name was used by the hackers to reverse the file name character order, ensuring the file name was unchanged. Hackers have continuously exploited the vulnerability since March 2017.  

How Hackers Used the Threats in the App

The threats that were manipulated by hackers were said to be twofold. Firstly, the installed backdoor was used for delivery of mining software, and hackers were able to use victims’ machines to mine cryptocurrencies such as Zcash, Monero, and Fantomcoin among others. The second threat was the installation of a backdoor that allowed hackers to remotely control the victims’ computers. In this case, hackers could operate the victims’ computers remotely and in silent mode. This way, the hackers would be unnoticeable, and he or she could install spyware tools and execute commands on the victims’ PCs.

What This Means for Telegram

Kaspersky notified Telegram of the attacks and the vulnerability of their app, and the company was able to fix it. Currently, the zero-day flaw does not exist any more.

However, this announcement is likely to affect the Telegram Initial Coin Offer negatively. The ICO had already received some negativity from investors who claimed that efforts by the app to raise $2bn for the creation of a mainstream payment system on the system were not a good idea as the app did not have adequate technical knowledge of blockchain technology.

The recent announcement of the flaws in the app by Kaspersky adds insult to injury, as investors might now feel that the app is no longer secure. Additionally, they might conclude that Telegram, which claims to be secure and anonymous, might have allowed hackers to access users PCs.

Advice From Kaspersky

According to Kaspersky, the cybercriminals were from Russia. The firm has further cautioned users to protect their computers from hacker attacks by:

  • Refraining from downloading unknown files from untrusted sources
  • Refraining from opening unknown files from untrusted sources
  • Avoiding sharing sensitive data in messaging apps
  • Using a reliable antivirus for PCs.

Image Credit: Deposit Photos

So how do you think the claims by Kaspersky that hackers have been using vulnerabilities in Telegram will affect the app’s ICO? Leave us your views in the comments section below.