Over the past three months, users of the popular messaging app Telegram have seen over 130 attacks using a new multi-functional remote access trojan (RAT) dubbed ‘ToxicEye’, according to recently released research. Following controversial changes to privacy settings from Facebook’s WhatsApp, cloud-based IM platform Telegram has enjoyed a surge in popularity, becoming the most downloaded app worldwide for January 2021 with more than 63 million installs. Unfortunately, this popularity also extends to the cyber-criminal community. Malware authors are increasingly using Telegram as a ready-made command and control (C&C) system for their malicious products, because it offers several advantages compared to conventional web-based malware administration.

The ToxicEye trojan is spread via phishing emails containing a malicious .exe file. If the user opens the attachment, ToxicEye installs itself on the victim’s PC and performs a range of exploits without the victim’s knowledge. Its malicious capabilities include stealing data, deleting or transferring files, hijacking the PC’s microphone and camera to record audio and video, and encrypting files for ransom purposes.

Experts Comments

April 29, 2021
Jake Moore
Cybersecurity Specialist
ESET

Although Telegram is privacy focused, the specific design of the platform lends itself to be manipulated by malicious actors, so caution must be advised. Once this particular Trojan is infected on a device, the illicit possibilities are endless and difficult to defend against.

Email still remains the favoured route of entry for cybercriminals, however, so people must be wary of unsolicited emails – particularly those with attachments. It is also advisable to use antivirus software and implement robust spam filters and sandbox environments wherever possible.