Hackers are increasingly using Telegram, the messaging app with over 500 million active users worldwide, to distribute malicious computer viruses.
Over 130 cyber attacks have been tracked in the past three months. It is the alarm raised by the researchers of Check Point Software Technologies, the attackers have continued during this period to spread malware in the e-mail attachments, resulting in file checking, data loss and ransomware installations to the recipients.
The attacks in recent months - the researchers explain - have used a remote access trojan (rat) nicknamed ToxicEye, "provides full remote control of the system and communicates with the hacker's server to steal data". It spreads via phishing emails containing a malicious file. After opening the attachment, ToxicEye installs itself on the victim's PC and begins to act without the victim noticing.
"Cybercriminals see Telegram as an integral part of their attacks due to a number of operational advantages - the researchers explain - it is not blocked by corporate antivirus engines, nor by network management tools. Attackers can remain anonymous as the process of registration requires only a mobile number and is available in all locations in the world ".
"We strongly urge organizations and Telegram users to be aware of harmful emails and to be more cautious with emails that have their username as their subject and those with poor fluency - they conclude - Since Telegram can be used to distribute malicious files or as a command and control channel for remotely controlled malware, we expect more tools that leverage this platform to continue to be developed in the future. " (HANDLE).