It seems like every other day we hear about another website or another service being exploited to deliver cryptocurrency mining malware. This sort of malware is specifically designed to hijack the victim’s CPU resources to mine digital currency thus earning huge sums for those who are behind it. According to a new report, a zero-day exploit in the desktop version of Telegram was recently used to spread cryptocurrency malware.
Telegram is a popular encrypted messaging service that’s particularly popular among cryptocurrency enthusiasts. It’s not the only service that has been hit with such malware in the recent past, even YouTube wasn’t spared, while malicious actors continue to come up with new ways to infect thousands of websites with mining malware.
Security firm Kaspersky reports that a zero-day exploit in the desktop version of the Telegram messaging service was used to spread this malware. The exploit was leveraged to trick Telegram users into downloading malicious files which were used to spread the malware. It mined for digital currencies such as Monero, Zcash, Fantomcoin, and more.
Kaspersky also came across a stolen cache of Telegram data on one of the attackers’ servers while analyzing the servers of malicious actors. It was data that had been stolen from the victims of this malware attack. It then reported the exploit to Telegram which has since fixed the exploit.