November 17, 2024

Telegram users beware of new threat that can hack your devices

January 5, 2022 0

The popularity of the Telegram messenger application is being misused by malicious actors. There are some fake apps that are masquerading as the Telegram app. This is being used to hack devices like PCs that run on Windows-based operating systems. The malware is being distributed via emails and even via some phishing accounts.

According to cyber-security researchers Minerva Labs, this malware can put user information at risk. They are able to evade the installed anti-virus systems, the researchers have warned. The messaging application look-alikes are being distributed with the help of fake installers. The researchers claim that the malware is being used to distribute the Windows-based ‘Purple Fox’ backdoor on compromised systems.

Researcher Natalie Zargarov said, “We found a large number of malicious installers delivering the same ‘Purple Fox’ rootkit version using the same attack chain. It seems like some were delivered via email, while others we assume were downloaded from phishing websites.”

“The beauty of this attack is that every stage is separated to a different file which is useless without the entire file set. This helps the attacker protect his files from AV (anti-virus) detection,” the researcher informed.

The investigation from the researchers, according to an IANS report, found that the threat actor was able to hide under the radar by separating the attack into several small files, most of which had very low detection rates by (antivirus) engines, “with the final stage leading to Purple Fox rootkit infection”.

The new malware called ‘Purple Fox’ was first spotted in the year 2018. It comes with rootkit capabilities. What this means is that it allows the malware to be planted beyond the reach of anti-virus solutions, according to thehackernews.com.

Another set of researchers at Trend Micro had revealed that a .NET implant dubbed FoxSocket deployed in conjunction with Purple Fox. “The rootkit capabilities of Purple Fox make it more capable of carrying out its objectives in a stealthier manner,” the researchers noted.

“They allow Purple Fox to persist on affected systems as well as deliver further payloads to affected systems.” Zargarov said that they have often observed threat actors using legitimate software for dropping malicious files.

This time around, the main difference is that the malicious actor is able to easily hide the attack under the radar by separating the attack into several small files.

The post Telegram users beware of new threat that can hack your devices appeared first on BGR India.

More Stories

Apple Acknowledges iCloud Notes Disappearing and Explains How to Fix

Apple Acknowledges iCloud Notes Disappearing and Explains How to Fix

November 17, 2024 0
Samsung Galaxy S24 FE review: Lacking in power, but not in value

Samsung Galaxy S24 FE review: Lacking in power, but not in value

November 16, 2024 0
‘Croissant’ App for Cross-Posting on Threads, Bluesky, and Mastodon Coming to Mac and iPad

‘Croissant’ App for Cross-Posting on Threads, Bluesky, and Mastodon Coming to Mac and iPad

November 16, 2024 0

You may have missed

Apple Acknowledges iCloud Notes Disappearing and Explains How to Fix

Apple Acknowledges iCloud Notes Disappearing and Explains How to Fix

November 17, 2024 0
Samsung Galaxy S24 FE review: Lacking in power, but not in value

Samsung Galaxy S24 FE review: Lacking in power, but not in value

November 16, 2024 0
‘Croissant’ App for Cross-Posting on Threads, Bluesky, and Mastodon Coming to Mac and iPad

‘Croissant’ App for Cross-Posting on Threads, Bluesky, and Mastodon Coming to Mac and iPad

November 16, 2024 0
I don’t know how I used Windows 11 before these 7 PowerToys apps

I don’t know how I used Windows 11 before these 7 PowerToys apps

November 16, 2024 0
What apps come pre-installed on a Google Pixel phone?

What apps come pre-installed on a Google Pixel phone?

November 16, 2024 0