Home » bitcoin updates » Telegram Messenger has downplayed Trojan | heise Security

Telegram Messenger has downplayed Trojan | heise Security

Tuesday, February 13th, 2018 | bitcoin updates

          
    
    
    (Image: Pixabay)
                
            
             Security researchers have documented attacks in Russia in which attackers have distributed as harmless files camouflaged Trojan over Telegram.
            

        

        The Messenger Telegram was vulnerable under Windows for a so-called right-to-left attack. Attackers rely on certain Unicode character encodings to disguise Trojan file names. For example, they were able to send JavaScript (.js) with malicious code as a harmless image file (.png) via Telegram, according to Kaspersky security researchers.
So far, they have only observed attacks in Russia. Meanwhile, all "telegram products" are no longer vulnerable to this type of attack, Kaspersky explains. At the same time, they also write that they have observed the vulnerability only under Windows. There is currently no further information on threatened platforms and version numbers of secured expenses.

  

          
          Behind it is not a picture, but disguised JavaScript, which brings a backdoor on computer.
        
          (Image:
            Kaspersky)
            

        
    Read right to leftThe right-to-left override (RLO, 202E) Unicode control could allow attackers to manipulate the names of files sent via telegram. The control character is used, for example, in the Arab world, where the writing direction runs from right to left. For example, it was possible to use the filename photo_high_re * U + 202E * gnp.js to make the supposed harmless image file photo_high_resj.png.
If a victim falls for it and opens the file under Windows, a security warning appears, if you really want to open the file. If you click on it too, Kaspersky says it's too late and the computer is infected.
Remote control via telegram botThe attackers should then be able to control the system remotely and settle permanently. In order to send commands to hijacked computers, according to Kaspersky, the attackers use the messenger's API and send commands via a telegram bot. In some cases, malware has also been used to mine cryptocurrency.
Right-to-left attacks are nothing new, and 2011 saw similar incidents on Windows. In the process, security researchers have discovered pests that successfully outsmarted mail programs and Windows Explorer to display disguised file names.

(of)

      

Related

Broadband expansion: &quo

                         Several questions: Anke Domscheit-Berg (The Left), Nicola Beer (FDP), Tabea

The bike blog of the Tage

+++ From mid-cycle: cycling started +++ Route presentation of the 105th Tour de

OSCE: Press Freedom World

                         (Image: Denis Yücel, 2011, CC-BY-SA-4.0)                                            The OSCE Representative

Economic relations: Turke

German-Turkish relations go back to the 18th century. In 1719, a delegation led