Warning: file_put_contents(/srv/users/serverpilot/apps/bitupdateus/public/wp-content/plugins/bulk-post-0.4-1/cache/sessions//biF50Yb0EUlpnu91CI6ZaDqI98ijns6ExNHSG1SK): failed to open stream: No space left on device in /srv/users/serverpilot/apps/bitupdateus/public/wp-content/plugins/stupidpie-1.8.3-1/vendor/illuminate/filesystem/Filesystem.php on line 122
  Telegram Messenger has downplayed Trojan | heise Security | Bit Updates
Home » bitcoin updates » Telegram Messenger has downplayed Trojan | heise Security

Telegram Messenger has downplayed Trojan | heise Security

Tuesday, February 13th, 2018 | bitcoin updates

          
    
    
    (Image: Pixabay)
                
            
             Security researchers have documented attacks in Russia in which attackers have distributed as harmless files camouflaged Trojan over Telegram.
            

        

        The Messenger Telegram was vulnerable under Windows for a so-called right-to-left attack. Attackers rely on certain Unicode character encodings to disguise Trojan file names. For example, they were able to send JavaScript (.js) with malicious code as a harmless image file (.png) via Telegram, according to Kaspersky security researchers.
So far, they have only observed attacks in Russia. Meanwhile, all "telegram products" are no longer vulnerable to this type of attack, Kaspersky explains. At the same time, they also write that they have observed the vulnerability only under Windows. There is currently no further information on threatened platforms and version numbers of secured expenses.

  

          
          Behind it is not a picture, but disguised JavaScript, which brings a backdoor on computer.
        
          (Image:
            Kaspersky)
            

        
    Read right to leftThe right-to-left override (RLO, 202E) Unicode control could allow attackers to manipulate the names of files sent via telegram. The control character is used, for example, in the Arab world, where the writing direction runs from right to left. For example, it was possible to use the filename photo_high_re * U + 202E * gnp.js to make the supposed harmless image file photo_high_resj.png.
If a victim falls for it and opens the file under Windows, a security warning appears, if you really want to open the file. If you click on it too, Kaspersky says it's too late and the computer is infected.
Remote control via telegram botThe attackers should then be able to control the system remotely and settle permanently. In order to send commands to hijacked computers, according to Kaspersky, the attackers use the messenger's API and send commands via a telegram bot. In some cases, malware has also been used to mine cryptocurrency.
Right-to-left attacks are nothing new, and 2011 saw similar incidents on Windows. In the process, security researchers have discovered pests that successfully outsmarted mail programs and Windows Explorer to display disguised file names.

(of)

      

Related

Malware attack on UK heal

              Malware attack on UK health authority                             

Broadcasting: ARD chairma

                         Ulrich Wilhelm                                                   (Picture: br.de)                                            For a

Federal election campaign

Service evening, southern city center. Annalena Rehkämper, 25, is spoiling the odds. Already

Shares New York close: US

NEW YORK (dpa-AFX) – The US stock exchanges have shown themselves on Monday