A New Malware Will Steal From Telegram

Hackers are being more and more sophisticated. Particularly in the crypto field, hackers can imbed their software and steal information. There is a new malware that can steal from your wallet without you even knowing your wallet has been hacked.

TL;DR

Disabled auto-downloading in Telegram settings to avoid the unaware download of malware and got hacked of your crypto wallet.

Here is a 1 min summary of the article if you want to skip the reading.

Echelon

This Malware steals private information from users and specifically targets crypto wallets and user accounts credentials. The software may contain multiple credential-stealing functions, domain detection, and computer fingerprinting to collect users’ credentials. It can also screenshot users’ credentials and automatically send them back to hackers. You can read the full report on how the code attack users here.

Handle @Smokes Night

Telegram group Smokes Night was reported to propagate the malware Echelon and steal credentials from user accounts and crypto-wallets. There are no other incidents revealed in the current time.

Possible places to exploit

According to the report, here are platforms and crypto wallets that potentially be the target:

Exploited Platforms: Discord, Edge, FileZilla, NordVPN, OpenVPN, Outlook, Pidgin, ProtonVPN, Psi(Jabber), Telegram, TotalCommander

Aimed Digital Currency Wallets: Armory, AtomicWallet, BitcoinCore, ByteCoin, DashCore, Electrum, Exodus, Ethereum, Jaxx, LitecoinCore, Monero, Zcash

Possible upgrade with zero clicking

The current version of software may need to click and install. However, it may evolve into zero-click with auto installation functionality to make a 0 click attack.

What you can do

If you are using Telegram, please turn off the auto-downloading functionality. You can reference how to turn off the auto-downloading here.

In Conclusion

Do not open any suspicious download zip files. Try to have your virus scan software active during your internet connection. Be sure to turn off your auto-download function on any chat apps.