The hacker managed to steal data from the Telegram

Хакер впервые смог похитить данные из Telegram

The administration Telegram has not yet commented on the information about hacking.

The computer security experts from Cisco Talos discovered a malicious program that can steal data from version messenger Telegram for desktop computers.

The malware mainly target the Russian-speaking victims and deliberately avoids using IP addresses associated with anonymizer services, the report said Cisco Talos, reports the online edition of the with reference for a New time.

Apparently, the author is a Russian hacker under the alias Racoon or Enot272.

“A cursory analysis shows that Racoon Hacker is Russian native speaker and has a great understanding of the Python programming language. For example, decoding the user’s home directory is executed by using the encoding scheme of characters in CP 1251, which is mainly used for languages such as Russian or Ukrainian,” – experts say.

In April 2018, a hacker attacked twice Telegram, with the result that he was able to steal the cache files and the encryption keys messenger. These keys constantly change, so the success of a hacker doesn’t mean he can read the correspondence of all users, says the BBC.

In the cache Telegram stores files that users used in the correspondence – documents, video, audio, photos. Malware attacks only version of messenger for computers, because it is not the function of the secret chat. In addition, the default in this version is poorly configured security.

Experts believe that the vulnerability allows access to the session, contacts, and correspondence of the victim. In particular, the program scans your hard disks on computers running the Windows operating system on the subject of the credentials of the Google Chrome browser. Also scanned cookie (settings and user statistics) and text files. All of this, when detected, archived and downloaded to a cloud data storage service

“An attacker will only have access to locally cached data. It is important to understand that there is no certainty that the data is stored locally. The only certainty is that the chats are stored in the cloud,” the experts stress.

The administration Telegram has not yet commented on the information about hacking.

Share Button