posted on Monday April 24 2017, @06:55PM
from the update-security-stop dept.

Submitted via IRC for TheMightyBuzzard

Remote access Trojans are mainly used to steal consumer data, either for consumers themselves or the conglomerate keeping this information safe from prying eyes. However, it appears criminals are looking at a different approach for these tools right now. A new open source remote access Trojan can now be used to extract data from the Telegram communication platform.

It is never a good sign when end-to-end encrypted communication tools are vulnerable to remote access Trojans. Unfortunately for all Telegram users, they have now become an official target for cybercriminals who make use of the RATAttack toolkit. This new open-source hacking tool has been unveiled by security researchers late last night, as it could have major consequences for all Telegram users.

Source: https://themerkle.com/open-source-remote-access-trojan-targets-telegram-users/


Original Submission

Related Stories

Apple Briefly Removed Telegram App From App Store Due to Child Pornography 19 comments

Telegram iOS app removed from App Store last week due to child pornography

The encrypted messaging app Telegram was mysteriously removed from Apple's App Store last week for a number of hours. At the time, little was known about the reason why, except that it had to do with "inappropriate content." According to a 9to5Mac report, Apple removed Telegram after the app was found serving up child pornography to users.

A verified email from Phil Schiller details that Apple was alerted to child pornography in the Telegram app, immediately verified the existence of the content, and removed the app from its online stores. Apple then notified Telegram and the authorities, including the National Center for Missing and Exploited Children. Telegram apps were only allowed to be restored to the App Store after Telegram removed the inappropriate content and reportedly banned the users who posted it.

[...] Since Telegram is a messaging app with end-to-end encryption, it's unlikely that the content in question originated from direct messages between users. It's possible that the child pornography came from a Telegram plugin, but neither Apple nor Telegram has revealed the source of the inappropriate content.

Telegram is an instant messaging service with at least 100 million monthly active users.

Also at The Verge and Apple Insider.

Related: Former Whatsapp Users Bring Telegram to its Knees
Hackers Compromised Telegram Accounts, Identified 15 Million Users' Phone Numbers
Open Source Remote Access Trojan Targets Telegram Users
Russia Targets Telegram App After St Petersburg Bombing


Original Submission

This discussion has been archived. No new comments can be posted.
  • (Score: 0) by Anonymous Coward on Monday April 24 2017, @07:11PM (2 children)

    by Anonymous Coward on Monday April 24 2017, @07:11PM (#499006)

    Open Source can be used for evil! Indict Christine Peterson immediately.

    • (Score: 1, Informative) by Anonymous Coward on Monday April 24 2017, @07:36PM (1 child)

      by Anonymous Coward on Monday April 24 2017, @07:36PM (#499015)

      Telegram isn't vulnerable. As pointed out in the article's comments, it's like stating TCP/IP or HTTP is vulnerable. The RAT uses the Telegram protocol, and you can be infected even if you don't even use the app.

      Pure clickbait.

      • (Score: 2) by edIII on Monday April 24 2017, @09:47PM

        by edIII (791) on Monday April 24 2017, @09:47PM (#499061)

        Telegram is vulnerable. So are all of the other private communication programs. Every single piece of software for a phone is vulnerable. Period.

        The Chain O' Security, in order to not be vulnerable, starts with the silicon going up. Blob? Binary? The chain just broke once you added it. With the average smart phone it is the carrier that owns it. You don't have root privileges? You don't have a chain of security then.

        It's ridiculous to even speak about anonymity and privacy platforms when the hardware isn't remotely anonymous, not even remotely private, or even wholly owned by the user. Makes about as much sense as using a colander to serve punch.

        --
        Technically, lunchtime is at any moment. It's just a wave function.
  • (Score: 2, Interesting) by blaze on Monday April 24 2017, @07:36PM

    by blaze (4851) on Monday April 24 2017, @07:36PM (#499014)

    I am not a huge fan of Telegram but this article looks more like FUD to me. There is no information on what is actually affected. I can only guess that those trojans are using Telegram's protocol. IRC is also famous as a tool for botnets and "hackers", but is it affected or unsafe in some way or another?

  • (Score: 0) by Anonymous Coward on Monday April 24 2017, @08:17PM (5 children)

    by Anonymous Coward on Monday April 24 2017, @08:17PM (#499033)

    I didn't think anyone used telegrams anymore, went the way of the pony express?

    • (Score: 2) by Snow on Monday April 24 2017, @08:47PM

      by Snow (1601) on Monday April 24 2017, @08:47PM (#499045) Journal

      I'm guessing it's like snapchat or instagram or one of those things the kids use these days instead of IRC.

    • (Score: 3, Funny) by LVDOVICVS on Monday April 24 2017, @09:22PM

      by LVDOVICVS (6131) on Monday April 24 2017, @09:22PM (#499053)

      I hope this doesn't mean there's a limit to my employment opportunities. I've been working hard lately learning Morse code.

    • (Score: 3, Informative) by butthurt on Monday April 24 2017, @10:58PM

      by butthurt (6141) on Monday April 24 2017, @10:58PM (#499086) Journal

      from a year ago: "Cincinnati Bell Asks to End Telegraphy Service [soylentnews.org]"

    • (Score: 0) by Anonymous Coward on Tuesday April 25 2017, @12:26AM

      by Anonymous Coward on Tuesday April 25 2017, @12:26AM (#499100)

      They went out of business when it was discovered that ascii dick pics all looked alike.

    • (Score: 0) by Anonymous Coward on Tuesday April 25 2017, @06:52AM

      by Anonymous Coward on Tuesday April 25 2017, @06:52AM (#499169)

      Polaroid cameras are back [wsj.com], so why not. Uber horses next up?

  • (Score: 5, Informative) by ilsa on Monday April 24 2017, @10:03PM (1 child)

    by ilsa (6082) Subscriber Badge on Monday April 24 2017, @10:03PM (#499068)

    All these people have done is create a trojan vehicle that happens to use Telegram as the underlying protocol.

    From the article:

    Distributing this open source remote access Trojan is a bit of a challenge, though. The assailants first need to create their own proprietary telegram bot, which is relatively easy. The token generated by this bot needs to be edited into the RAT’s config file. Once someone interfaces with the bot, they will receive the RATAttack payload. Moreover, the person responsible for creating the bot will be able to interface with victims through the channel that is automatically created whenever a host is infected.

    All they have done is create a C&C pathway. You still need to have a compromised host to get this connection established anyway.

    Telegram itself has not been compromised, and the fact that the code is Open Source is irrelevant. Hell, if anything, the fact that it's open source is a liability because it's now that much easier to mitigate since you know exactly what it's doing.

    • (Score: 2) by jimshatt on Tuesday April 25 2017, @07:09AM

      by jimshatt (978) on Tuesday April 25 2017, @07:09AM (#499174) Journal
      Indeed. FUD, or an advertisement for that RATattack tool, or both.
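
The thread above points out that the tool only uses a Telegram bot as a C&C pathway on an already compromised host, which makes the traffic something a defender can look for. The following is an added example, not part of the original discussion or of any project mentioned in it: a check over egress logs for hosts calling the Telegram Bot API (`https://api.telegram.org/bot<token>/<method>`). It assumes a TLS-inspecting proxy or endpoint telemetry that records process name and full URL; the log layout, host names, process names, tokens and allowlist are constructed for illustration.

```python
import re
from collections import defaultdict

# Telegram Bot API calls have the form https://api.telegram.org/bot<token>/<method>
BOT_API = re.compile(r"https://api\.telegram\.org/bot[^/\s]+/(\w+)")
# Assumption: (host, process) pairs approved to run a bot, e.g. an alerting service.
ALLOWED = {("mon-01", "alertbot.py")}
UPLOAD_METHODS = {"sendDocument", "sendPhoto", "sendAudio", "sendVideo"}

# Constructed sample lines: timestamp, source host, process, URL (not real traffic).
SAMPLE_LOG = """\
2017-04-24T19:01:02Z ws-014 chrome.exe https://web.telegram.org/
2017-04-24T19:01:05Z mon-01 alertbot.py https://api.telegram.org/bot000000:CONSTRUCTED-A/sendMessage
2017-04-24T19:02:10Z ws-022 updater.exe https://api.telegram.org/bot111111:CONSTRUCTED-B/getUpdates
2017-04-24T19:02:40Z ws-022 updater.exe https://api.telegram.org/bot111111:CONSTRUCTED-B/getUpdates
2017-04-24T19:03:15Z ws-022 updater.exe https://api.telegram.org/bot111111:CONSTRUCTED-B/sendDocument
2017-04-24T19:04:00Z ws-031 python.exe https://api.telegram.org/bot222222:CONSTRUCTED-C/sendMessage
"""

def find_bot_api_clients(log_text, allowed=ALLOWED):
    """Return non-allowlisted (host, process) pairs that called the Bot API."""
    seen = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        parts = line.split(None, 3)
        if len(parts) != 4:
            continue  # skip malformed lines instead of failing the whole run
        _ts, host, proc, url = parts
        match = BOT_API.match(url)
        if match:  # ordinary Telegram client/web traffic does not match
            seen[(host, proc)][match.group(1)] += 1

    findings = []
    for (host, proc), methods in sorted(seen.items()):
        if (host, proc) in allowed:
            continue
        polls = methods.get("getUpdates", 0)
        uploads = sum(n for name, n in methods.items() if name in UPLOAD_METHODS)
        # Polling for commands plus file uploads looks like a tasking/return
        # channel; any other unapproved Bot API use still deserves a look.
        severity = "high" if polls and uploads else "review"
        findings.append({"host": host, "process": proc,
                         "severity": severity, "methods": dict(methods)})
    return findings

if __name__ == "__main__":
    for finding in find_bot_api_clients(SAMPLE_LOG):
        print(finding)
```

Without TLS inspection the same idea still works at lower fidelity: DNS queries or TLS SNI for `api.telegram.org` from hosts that have no approved bot are worth triage.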
  • (Score: 2) by its_gonna_be_yuge! on Tuesday April 25 2017, @02:10AM

    by its_gonna_be_yuge! (6454) on Tuesday April 25 2017, @02:10AM (#499123)

    Telegram (2013) is supported by Russian entrepreneur Pavel Durov - it doesn't seem to have much relationship to the original Telegram

    They claim billions of transactions per day.

    Beeellions.

  • (Score: 0) by Anonymous Coward on Tuesday April 25 2017, @02:27PM

    by Anonymous Coward on Tuesday April 25 2017, @02:27PM (#499303)

    I think we've won.
