If we are to navigate through different aspects of the world in a productive manner, we must learn how to find the right balance across all frontiers. This is important due to the volatile nature of our surroundings. As a way to deal with it, we have put-together many attempts that help the world’s bid for poise in a sustainable manner. Now, while each of these attempts did move the needle one way or the other, the only one that ended up triggering a generational shift was technology. You see, with technology leading our cause, we suddenly had more power in our hands than ever before, and these replenished power dynamics, in turn, would propel us towards a better brand of life. However, the said transformation arrived at a very heavy cost. To contextualize the statement, we must look at how technology made us vulnerable by such a large margin. Soon after the creation had established itself as a mainstay in our lives, we started spotting the loopholes it brought in regards to security. Time and again, the world will receive a new testimony of this glaring inconsistency, and the latest one comes through popular social media platform, Telegram.
According to a report from SafeGuard Cyber’s Division Seven threat analysis unit, hackers are actively abusing Telegram to steal the credentials of some crypto owners using the platform. The report states that the whole attack is being facilitated by a devastating malware called Echelon infostealer. Alongside Telegram, the malware is also targeting other messaging and file-sharing platforms, including Discord, Edge, FileZilla, OpenVPN, and Outlook. Apart from it, the researchers observed numerous direct attacks on cryptocurrency wallets, with AtomicWallet, BitcoinCore, ByteCoin, Exodus, Jaxx and Monero making the list of victims.
Even though the attack was directed at a very wide radius, we haven’t, so far, heard about any major casualties.
“Based on the malware and the manner in which it was posted, SafeGuard Cyber believes that it was not part of a coordinated campaign, and was simply targeting new or naïve users of the channel,” stated the report.
As per the further findings, the Echelon was delivered to cryptocurrency channels on Telegram in a. RAR file. Interestingly enough, the hackers had roped in an open-source ConfuserEX tool to nullify any debugging or malware analysis process. When the researchers were able to get past it, however, they discovered that the payload of the files contained domain detection capabilities, computer fingerprinting, and the authority to take screenshots. Every piece of data collected by these Trojan horses gets sent back to a command-and-control sever in ZIP file format.