Telegram zero-day vulnerability used in cryptocurrency mining attacks

Jan · Feb 13, 2018

Telegram zero-day vulnerability used in cryptocurrency mining attacks

Hackers have been able to exploit a vulnerability in the Telegram messaging app’s desktop client to earn units of cryptocurrencies such as Monero and ZCash, according to Kaspersky Lab.

[Bloomberg]

Hamish McPanji · Feb 13, 2018

/in b4 WhatsApp

Genisys · Feb 13, 2018

Never had this issue on IRC.

sajunky · Feb 13, 2018

So it is Windows vulnerability, isn't?

ginggs · Feb 13, 2018

https://securelist.com/zero-day-vulnerability-in-telegram/83800/

We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability. What we do know is that its exploitation in Windows clients began in March 2017. We informed the Telegram developers of the problem, and the vulnerability no longer occurs in Telegram’s products.

Kloofvreter · Feb 13, 2018

sajunky said:
So it is Windows vulnerability, isn't?

Of course, Windows mines on it's own, not true? With the user's permission nogal!

ginggs · Feb 13, 2018

I guess this is the fix:
https://github.com/telegramdesktop/tdesktop/commit/aec496d5200c65bcabe4dae427cfc31beaf434fa

Join the MyBroadband community

Get started

Telegram zero-day vulnerability used in cryptocurrency mining attacks

Jan

Who's the Boss?

Hamish McPanji

Honorary Master

Genisys

Honorary Master

sajunky

Honorary Master

ginggs

༼ つ ◕_◕ ༽つ

Kloofvreter

Honorary Master

ginggs

༼ つ ◕_◕ ༽つ