There was a report that attackers had discovered an exposed backdoor in Telegram Messenger; this vulnerability helped the attackers turn computers into cryptocurrency miners without their owners' knowledge.
These clandestine crypto mining operations had been going on since March 2017, reported Kaspersky Lab, the company that discovered and exposed the cyber attacks. Kaspersky also said a zero-day vulnerability in the Telegram Messenger desktop app gave the attackers the ability to create and spread a never-before-seen type of malware that could create a backdoor Trojan and also mine cryptocurrency.
A Kaspersky Lab analyst said they had found quite a number of possible uses of the zero-day exploitation which, aside from being used for spyware and malware, could also deliver unknown and unseen software for mining cryptocurrency, and that infections like that had become a global phenomenon.
Founder of Telegram
However, the founder of the Telegram application wasted no time in playing down the allegations. He is of the opinion that antivirus companies always exaggerate the severity of their findings just to excite the public, and as such should not be taken seriously. He also rebuffed Kaspersky's claim by explaining that what they uncovered was nothing close to a vulnerability in the Telegram messaging app, and that there was no way cybercriminals could gain access to users' computers without the users opening something malicious. He further assured Telegram users that they were safe and had always been safe.
According to Kaspersky, Fantomcoin, Monero, Zcash and other cryptocurrencies were acquired. According to the evidence they had, Russians were behind the malware, and it could also be used as a backdoor for hackers to gain access to and silent control of users' computers. While analyzing malicious servers, they also found records of a Telegram local cache that had most likely been stolen from victims.
One sure way to guard against such attacks is to avoid downloading and opening suspicious files from untrusted and unknown sources, as such a file could be an entry point for attacks.