The vulnerability in Telegram, which allows hacking of user accounts, was known.

Since the start of the special military operation in Ukraine, several Telegram accounts belonging to the administrators of Russian channels have been hacked into Telegram. Igor Bederov, head of the information and analytical research department at T.Hunter, told about this.

According to him, accounts were hacked by posting addresses of Telegram chats and channels. The links contained addresses of resources containing malicious code. He helped take control of the victim’s account.

“There is a vulnerability in the desktop version of Telegram that allows launching of third-party code, whose injection is performed when a link is clicked. The function of the code is to transfer access to the account to a third party, ”explained Bederov.

According to the expert, a similar Telegram vulnerability has been detected for the first time. specification By experts from Positive Technologies in April 2021. But at that time, the use of abuse in the “wild” nature was not yet known.

I’m going to assume it’s the apps that open the hyperlinks that are vulnerable, not Telegram itself. Presumably the messenger will fix this vulnerability in the desktop version in the next update,” Bederov said.

Bederov is reliably aware of the various cases of this vulnerability used against the administrators of Russian Telegram channels. However, he does not rule out that there may be more victims. The expert did not reveal the names of the hacked users.

The expert also warned that attackers are sending not only infected addresses of Telegram channels and chats, but also links to malware installation files with the same function, disguised as video files with .mp4 extension.

According to Bederov, a notification about the vulnerability has already been sent to Telegram.

Formerly Wrote It’s about the EU bill, which includes instant messaging users to “tie the wires” to search for child pornography.

Source: Gazeta


Please enter your comment!
Please enter your name here


More from author