#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Telegram Messenger | Breaking Cybersecurity News | The Hacker News

Category — Telegram Messenger
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

Aug 25, 2024 Law Enforcement / Digital Privacy
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation. TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the authorities took issue with, turning the app into a haven for various kinds of criminal activity, including drug trafficking, child pornography, money laundering, and fraud. The hands-off approach to moderation on Telegram has been a point of contention , fueling cybercrime and turning the platform into a hub for threat actors to organize their operations, distribute malware, and peddle stolen data and other illegal goods  "This messaging app has transformed into a bustling hub where seasoned cybercriminals and newcomers alike exchange illicit tools and insights creating a dark and well-...
Ukraine Warns of Cyber attack Aiming to Hack Users' Telegram Messenger Accounts

Ukraine Warns of Cyber attack Aiming to Hack Users' Telegram Messenger Accounts

Apr 06, 2022
Ukraine's technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users' Telegram accounts. "The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including the possibility to transfer a one-time code from SMS," the State Service of Special Communication and Information Protection (SSSCIP) of Ukraine  said  in an alert. The attacks , which have been attributed to a threat cluster called "UAC-0094," originate with Telegram messages alerting recipients that a login had been detected from a new device located in Russia and urging the users to confirm their accounts by clicking on a link. The URL, in reality a phishing domain, prompts the victims to enter their phone numbers as well as the one-time passwords sent via SMS that are then used by the threat actors to take over the accounts. The modus operandi  mirrors  that ...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly

DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly

Mar 17, 2022
The malware known as DirtyMoe has gained new worm-like propagation capabilities that allow it to expand its reach without requiring any user interaction, the latest research has found. "The worming module targets older well-known vulnerabilities, e.g.,  EternalBlue  and  Hot Potato  Windows privilege escalation," Avast researcher Martin Chlumecký  said  in a report published Wednesday. "One worm module can generate and attack hundreds of thousands of private and public IP addresses per day; many victims are at risk since many machines still use unpatched systems or weak passwords." Active since 2016, the  DirtyMoe botnet  is used for carrying out cryptojacking and distributed denial-of-service (DDoS) attacks, and is deployed by means of external exploit kits like  Purple Fox  or injected installers of Telegram Messenger. Also employed as part of the attack sequence is a DirtyMoe service that triggers the launch of two additional p...
cyber security

Innovate Securely: Top Strategies to Harmonize AppSec and R&D Teams

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware

Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware

Jan 04, 2022
Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems. That's according to new research published by Minerva Labs, describing the attack as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads. "This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by [antivirus] engines, with the final stage leading to Purple Fox rootkit infection," researcher Natalie Zargarov  said . First discovered in 2018, Purple Fox comes with rootkit capabilities that allow the malware to be planted beyond the reach of security solutions and evade detection. A March 2021 report from Guardicore  detailed  its worm-like propagation feature, enabling the backdoor to spread more rapidly. Then in October 2021, Trend Micro researche...
New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

Sep 02, 2020
Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers. "For threat actors, this data exfiltration mechanism is efficient and doesn't require them to keep up infrastructure that could be taken down or blocked by defenders," Jérôme Segura of Malwarebytes said in a Monday analysis . "They can even receive a notification in real time for each new victim, helping them quickly monetize the stolen cards in underground markets." The TTP was first publicly documented by security researcher @AffableKraut in a Twitter thread last week using data from Dutch cybersecurity firm Sansec. Injecting e-skimmers on shopping websites by exploiting a known...
Telegram Suffers 'Powerful DDoS Attack' From China During Hong Kong Protests

Telegram Suffers 'Powerful DDoS Attack' From China During Hong Kong Protests

Jun 13, 2019
Telegram, one of the most popular encrypted messaging app, briefly went offline yesterday for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers. Telegram founder Pavel Durov later revealed that the attack was mainly coming from the IP addresses located in China, suggesting the Chinese government could be behind it to sabotage Hong Kong protesters. Since last week, millions of people in Hong Kong are fighting their political leaders over the proposed amendments to an extradition law that would allow a person arrested in Hong Kong to face trial elsewhere, including in mainland China. Many people see it as a fundamental threat to the territory's civic freedoms and the rule of law. Many people in Hong Kong are currently using Telegram's encrypted messaging service to communicate without being spied on, organize the protest, and alert each other about activities on the ground. According to Telegram, th...
Telegram Gained 3 Million New Users During WhatsApp, Facebook Outage

Telegram Gained 3 Million New Users During WhatsApp, Facebook Outage

Mar 14, 2019
WhatsApp, Facebook, and Instagram faced a widespread outage yesterday with users from around the world reporting issues with sending messages on WhatsApp and Messenger, posting feeds on Facebook and accessing other features on the three Facebook-owned platforms. While the outage was quite troubling both for the social media giant and its millions of users, guess who benefits the most out of the incident? TELEGRAM. Pavel Durov, the founder of the popular secure messaging platform Telegram, claims to have had a surge in sign-ups within the last 24 hours, at the time duration when its rival messaging services were facing downtime. "I see 3 million new users signed up for Telegram within the last 24 hours," Durov wrote on his Telegram channel. "Good. We have true privacy and unlimited space for everyone." Telegram is an excellent alternative to Facebook's Messenger and WhatsApp services, offering users an optional end-to-end encrypted messaging feature,...
Telegram Calling Feature Leaks Your IP Addresses—Patch Released

Telegram Calling Feature Leaks Your IP Addresses—Patch Released

Oct 01, 2018
The desktop version of the security and privacy-focused, end-to-end encrypted messaging app, Telegram , has been found leaking both users' private and public IP addresses by default during voice calls. With 200 million monthly active users as of March 2018, Telegram promotes itself as an ultra-secure instant messaging service that lets its users make end-to-end encrypted chat and voice call with other users over the Internet. Security researcher Dhiraj Mishra uncovered a vulnerability (CVE-2018-17780) in the official Desktop version of Telegram (tdesktop) for Windows, Mac, and Linux, and Telegram Messenger for Windows apps that was leaking users' IP addresses by default during voice calls due to its peer-to-peer (P2P) framework. To improve voice quality, Telegram by default uses a P2P framework for establishing a direct connection between the two users while initiating a voice call, exposing the IP addresses of the two participants. Telegram Calls Could Leak Your ...
Russia asks Apple to remove Telegram Messenger from the App Store

Russia asks Apple to remove Telegram Messenger from the App Store

May 30, 2018
Russia's communications regulator Roskomnadzor has threatened Apple to face the consequences if the company does not remove secure messaging app Telegram from its App Store. Back in April, the Russian government banned Telegram in the country for the company's refusal to hand over private encryption keys to Russian state security services to access messages sent using the secure service. However, so far, the Telegram app is still available in the Russian version of Apple's App Store. So in an effort to entirely ban Telegram, state watchdog Roskomnadzor reportedly sent a legally binding letter to Apple asking it to remove the app from its Russian App Store and block it from sending push notifications to local users who have already downloaded the app. Roskomnadzor's director Alexander Zharov said he is giving the company one month to remove the Telegram app from its App Store before the regulator enforces punishment for violations. For those unfamiliar with...
Hackers Exploit 'Telegram Messenger' Zero-Day Flaw to Spread Malware

Hackers Exploit 'Telegram Messenger' Zero-Day Flaw to Spread Malware

Feb 13, 2018
A zero-day vulnerability has been discovered in the desktop version for end-to-end encrypted Telegram messaging app that was being exploited in the wild in order to spread malware that mines cryptocurrencies such as Monero and ZCash. The Telegram vulnerability was uncovered by security researcher Alexey Firsh from Kaspersky Lab last October and affects only the Windows client of Telegram messaging software. The flaw has actively been exploited in the wild since at least March 2017 by attackers who tricked victims into downloading malicious software onto their PCs that used their CPU power to mine cryptocurrencies or serve as a backdoor for attackers to remotely control the affected machine, according to a blogpost on Securelist. Here's How Telegram Vulnerability Works The vulnerability resides in the way Telegram Windows client handles the RLO (right-to-left override) Unicode character (U+202E), which is used for coding languages that are written from right to left, li...
A Company Offers $500,000 For Secure Messaging Apps Zero-Day Exploits

A Company Offers $500,000 For Secure Messaging Apps Zero-Day Exploits

Aug 24, 2017
How much does your privacy cost? It will soon be sold for half a Million US dollars. A controversial company specialises in acquiring and reselling zero-day exploits is ready to pay up to US$500,000 for working zero-day vulnerabilities targeting popular secure messenger applications, such as Signal, Telegram and WhatsApp. Zerodium announced a new pricing structure on Wednesday, paying out $500,000 for fully functional remote code execution (RCE) and local privilege escalation (LPE) vulnerabilities in Signal, WhatsApp, iMessage, Viber, Facebook Messenger, WeChat, and Telegram. The payouts for all these secure messengers have been increased after tech companies introduced end-to-end encryption in their apps, making it more difficult for anyone to compromise their messaging platforms. The same payout is offered for remote code execution and local privilege escalation security flaws in default mobile email applications. Launched in 2015, Zerodium is a Washington, DC-based p...
Russia Threatens to Ban Telegram Messaging App, Says It Was Used By Terrorists

Russia Threatens to Ban Telegram Messaging App, Says It Was Used By Terrorists

Jun 26, 2017
Russia has threatened to ban Telegram end-to-end encrypted messaging app, after Pavel Durov, its founder, refused to sign up to the country's new data protection laws. Russian intelligence service, the FSB, said on Monday that the terrorists that killed 15 people in Saint Petersburg in April had used the Telegram encrypted messaging service to plot their attacks. According to the new Russian Data Protection Laws, as of January 1, all foreign tech companies have been required to store the past six months' of the personal data of its citizens and encryption keys within the country; which the company has to share with the authorities on demand. "There is one demand, and it is simple: to fill in a form with information on the company that controls Telegram," Alexander Zharov said, head of communications regulator Roskomnadzor (state communications watchdog). "And to officially send it to Roskomnadzor to include this data in the registry of organizers of d...
Telegram Messenger Adds AI-powered Encrypted Voice Calls

Telegram Messenger Adds AI-powered Encrypted Voice Calls

Mar 31, 2017
Joining the line with rival chat apps WhatsApp, Viber, Facebook Messenger, and Signal, the Telegram instant messaging service has finally rolled out a much-awaited feature for the new beta versions of its Android app: Voice Calling . And what's interesting? Your calls will be secured by Emojis, and quality will be better using Artificial Intelligence. No doubt the company brought the audio calling feature quite late, but it's likely because of its focus on security — the voice calls on Telegram are by default based on the same end-to-end encryption methods as its Secret Chat mode to help users make secure calls. Unlike Signal or WhatsApp, Telegram does not support end-to-end encryption by default; instead, it offers a 'Secret Chat' mode, which users have to enable manually, to completely secure their chats from prying eyes. However, the voice calling feature in Telegram supports end-to-end encryption by default, enabling users to secure their chats in a way ...
How One Photo Could Have Hacked Your WhatsApp and Telegram Accounts

How One Photo Could Have Hacked Your WhatsApp and Telegram Accounts

Mar 15, 2017
Next time when someone sends you a photo of a cute cat or a hot chick on WhatsApp or Telegram then be careful before you click on the image to view — it might hack your account within seconds. A new security vulnerability has recently been patched by two popular end-to-end encrypted messaging services — WhatsApp and Telegram — that could have allowed hackers to completely take over user account just by having a user simply click on a picture. The hack only affected the browser-based versions of WhatsApp and Telegram, so users relying on the mobile apps are not vulnerable to the attack. According to Checkpoint security researchers, the vulnerability resided in the way both messaging services process images and multimedia files without verifying that they might have hidden malicious code inside. For exploiting the flaw, all an attacker needed to do was sending the malicious code hidden within an innocent-looking image. Once the victim clicked on the picture, the attacker coul...
Telegram Hacked? Turn ON Important Security Settings to Secure your Private Chats

Telegram Hacked? Turn ON Important Security Settings to Secure your Private Chats

Aug 03, 2016
We have heard a lot about data breaches nowadays. And if you think that switching to an encrypted messaging service may secure you and your data, then you may be wrong. No good deed today can help you protect yourself completely. Reuters and several media outlets are reporting that the phone numbers of 15 Million users in Iran and more than a dozen accounts on the Telegram instant messaging service have been compromised by Iranian hackers exploiting an SMS text message flaw. Telegram is a messaging app " with a focus on security " that promotes itself as an ultra secure instant messaging system as all data is end-to-end encrypted. The service claims to have 100 Million active subscribers. According to research conducted by two security researchers, Collin Anderson and Claudio Guarnieri, this attack has threatened the communications of activists, journalists and other people in Iran, where around 20 Million people use Telegram. The incident is even said to be the...
Pro-ISIS Hackers release 'Kill List' Of 43 United States Officials

Pro-ISIS Hackers release 'Kill List' Of 43 United States Officials

Apr 26, 2016
In Brief A group of pro-ISIS hackers calling themselves the United Cyber Caliphate (UCC) has issued a "Kill List" containing the names of dozens of U.S. government personnel at the Pentagon, Department of Homeland Security, State Department, and several other federal agencies. Meanwhile, the US military's Cyber Command has announced to launch its first attack against ISIS' digital infrastructure in an effort to disrupt the terrorist's communications and other core functions. The announcement came earlier this week when President Barack Obama discussed the war on ISIS ( Islamic State ) in Hanover, Germany, where he met with world leaders and represented this new cyber initiative, according to the sources from New York Times. On the other side, the Kill List was distributed Monday by the United Cyber Caliphate (UCC) hackers over the popular end-to-end encrypted messaging app Telegram through which the ISIS communicate with their followers and spread terro...
WhatsApp Blocks Links to Telegram Messenger (Its biggest Competitor)

WhatsApp Blocks Links to Telegram Messenger (Its biggest Competitor)

Dec 01, 2015
It seems like Facebook-owned popular messaging service WhatsApp is blocking links to rival messaging applications – at least Telegram app  for now. Telegram users are noticing that WhatsApp is blocking any links to the privacy-oriented messaging service Telegram.me. Although users are free to send or receive Telegram links on WhatsApp, the links appear as non-clickable that you cannot copy or forward. This strange behavior was first noticed this morning by Telegram users over on Reddit. The URLs – which are generally automatically made clickable – still appeared as plain text messages, but they didn't register as hyperlinks, blocking users from copying or forwarding them to other users or other apps. Read Also: How to Auto-BackUp Your WhatsApp Data to Google Drive with Encryption . In general, this odd behavior is done with malicious URLs such as malware or spam. The Culprit However, this strange behavior was not exhibited on every device. Only W...
Is Telegram Really Secure? — 4 Major Privacy Issues Raised by Researcher

Is Telegram Really Secure? — 4 Major Privacy Issues Raised by Researcher

Nov 19, 2015
The terrorist groups are encouraging its followers to use Telegram to make their propaganda invisible from law enforcement, but some security experts believe that Telegram may not be as secure as jihadi advocates may like to believe. Telegram is an end-to-end encrypted messaging service that has been adopted by a lot more people than ISIS — as of last year, the company claimed more than 50 Million Telegram users sending 1 Billion messages per day. Terrorists love Telegram because it not only provides an encrypted Secret Chat feature that lets its users broadcast messages to unlimited subscribers but also offers self-destructing message allowing users to set their messages to self-destruct itself after a certain period. Is Telegram Really Secure? In a blog post published Wednesday, the security researcher known as " the Grugq " pointed out several issues with Telegram that might obstruct terrorists from using it.  Here's the list of issues with...
Telegram — Secret Messaging app — Shuts Down 78 ISIS Channels

Telegram — Secret Messaging app — Shuts Down 78 ISIS Channels

Nov 19, 2015
The terrorist groups affiliated with the Islamic State have an extensive presence not only on social media accounts but also on the popular end-to-end encrypted messaging app Telegram through which they communicate with their followers and spread terror propaganda materials. Telegram has always been terrorist's favorite, but ISIS had been using the app since October, when Telegram introduced an end-to-end encrypted Secret Chat feature that lets users broadcast messages to an unlimited number of subscribers. Moreover, Telegram also provides self-destructing message feature that allows users to set their messages to self-destruct itself after a certain period of time. But, the Good News is: The nonprofit organization that runs Telegram has blocked around 78 ISIS-affiliated channels that the terrorists used to: Communicate with their members Spread propaganda Recruit foreign supporters Plan operations Radicalize young people "We were disturbed to learn that Telegram...
Expert Insights / Articles Videos
Cybersecurity Resources