![]() The keys used to encrypt the Telegram desktop data files are stored in the map files, which are encrypted by the user's password, so a brute-force attack is also a possibility. An attacker can then access the victims' session contacts and previous chats by restoring cache and map files into an attacker-controlled Telegram desktop installation.Īlthough Talos believes there aren't currently any tools that can decrypt the exfiltrated cache information, there have been online discussions regarding developing a tool that could. ![]() ![]() ![]() This data is then zipped and exfiltrated. Telegrab also drops and executes additional executables to collect cache and encryption key files from the desktop version of the Telegram app, as well as login credentials for the video game storefront Steam. Once executed, Telegram searches for Chrome browser credentials and session cookies for the default user, as well as any. The more dangerous second variant of the Telegram malware, Telegrab is being distributed via an. Now, researchers at Cisco Talos have discovered Telegram malware, dubbed Telegrab, targeting mainly Russian-speaking users of the app. ![]() refused to share technical details and hand over the encryption keys of its users to the Russian Federal Security Service for investigative purposes. Russia is trying to prohibit the app after the Britain-based Telegram Messenger Inc. Telegram messages are encrypted and can self-destruct, much to the annoyance of Russia's Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor). Telegram is a cloud-based, end-to-end encrypted instant messaging app for mobile and desktop, and it has servers spread worldwide for security and speed. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |