Users Flocking To Telegram May Face Toxic Trojan

By   ISBuzz Team
Writer , Information Security Buzz | Apr 29, 2021 02:13 am PST

Over the past three months, users of the popular messaging app Telegram have seen over 130 attacks using a new multi-functional remote access trojan (RAT) dubbed ‘ToxicEye’, according to recently released research. Following controversial changes to privacy settings from Facebook’s WhatsApp, cloud-based IM platform Telegram has enjoyed a surge in popularity, becoming the most downloaded app worldwide for January 2021 with more than 63 million installs. Unfortunately, this popularity also extends to the cyber-criminal community. Malware authors are increasingly using Telegram as a ready-made command and control (C&C) system for their malicious products, because it offers several advantages compared to conventional web-based malware administration.

The ToxicEye trojan is spread via phishing emails containing a malicious .exe file.  If the user opens the attachment, ToxicEye installs itself on the victim’s PC and performs a range of exploits without the victim’s knowledge. Included amongst these malicious capabilities are the ability to steal data, delete or transfer files, hijack the PC’s microphone and camera to record audio and video, and encrypt files for ransom purposes.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Global Cyber Security Advisor
April 29, 2021 10:14 am

<p>Although Telegram is privacy focused, the specific design of the platform lends itself to be manipulated by malicious actors, so caution must be advised. Once this particular Trojan is infected on a device, the illicit possibilities are endless and difficult to defend against. </p> <p> </p> <p>Email still remains the favoured route of entry for cybercriminals, however, so people must be wary of unsolicited emails – particularly those with attachments. It is also advisable to use antivirus software and implement robust spam filters and sandbox environments wherever possible.</p>

Last edited 2 years ago by Jake Moore

Recent Posts

Would love your thoughts, please comment.x