|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
俄羅斯安全公司卡巴斯基實驗室發現了以前未檢測到的惡意軟體,其目標是流行訊息應用程式 Telegram 桌面版的用戶。該惡意軟體自 2017 年 3 月起專門針對俄羅斯用戶,旨在誘騙他們使用自己的機器挖掘 Monero 和 Zcash 等加密貨幣。 Telegram 躋身全球頂級行動通訊應用程式之列,預計 2018 年用戶數量將達到 2 億,儘管只有其桌面版在這次攻擊中受到損害。
Kaspersky Detects Stealth Malware Targeting Telegram Desktop Users
卡巴斯基偵測到針對 Telegram 桌面用戶的隱形惡意軟體
Moscow, Russia - Kaspersky Lab, a leading cybersecurity firm, has identified and analyzed a previously undetected malware strain targeting users of the Telegram desktop messaging application, the company announced on Tuesday.
俄羅斯莫斯科 - 領先的網路安全公司卡巴斯基實驗室週二宣布,該公司已識別並分析了一種先前未檢測到的針對 Telegram 桌面訊息應用程式用戶的惡意軟體菌株。
The malicious software, operational since March 2017, has primarily targeted Russian users. Its primary objective has been to surreptitiously enlist victims' computers into a network for mining cryptocurrencies, specifically Monero and Zcash.
該惡意軟體自 2017 年 3 月開始運行,主要針對俄羅斯用戶。其主要目標是秘密地將受害者的電腦納入網路以挖掘加密貨幣,特別是 Monero 和 Zcash。
Telegram, boasting over 200 million active users worldwide, ranks as the ninth most popular mobile messaging platform. Notably, the malware only affects the desktop version of the application, which is distinct from the mobile app.
Telegram 在全球擁有超過 2 億活躍用戶,名列第九大最受歡迎的行動訊息平台。值得注意的是,該惡意軟體僅影響應用程式的桌面版本,這與行動應用程式不同。
The malware's modus operandi revolves around exploiting a specific feature within Telegram's desktop software that facilitates the recognition of Arabic and Hebrew scripts, which are read from right to left. By employing a hidden character that reverses the order of characters, attackers were able to rename files, subsequently triggering the installation of the malware.
該惡意軟體的作案手法圍繞著利用 Telegram 桌面軟體中的特定功能,該功能有助於識別從右到左閱讀的阿拉伯語和希伯來語腳本。透過使用反轉字符順序的隱藏字符,攻擊者能夠重命名文件,隨後觸發惡意軟體的安裝。
Kaspersky's investigation into the malware's code revealed connections to a Russian cybercriminal group. The firm emphasized that the vulnerability exploited in this attack is not exclusive to Telegram, as a similar vulnerability was recently discovered in WhatsApp.
卡巴斯基對該惡意軟體程式碼的調查揭示了該惡意軟體與俄羅斯網路犯罪組織的聯繫。該公司強調,這次攻擊中利用的漏洞並非 Telegram 獨有,最近在 WhatsApp 中也發現了類似的漏洞。
Upon discovering the vulnerability, Kaspersky promptly notified Telegram in October, and the issue was subsequently addressed and resolved.
發現漏洞後,卡巴斯基於 10 月及時通知 Telegram,該問題隨後得到解決。
According to a statement released on Telegram's technical channel, the attack employed social engineering tactics, reliant on users being tricked into downloading a malicious image file. Telegram implemented a fix for the vulnerability in November.
根據 Telegram 技術頻道發布的聲明,此次攻擊採用了社會工程策略,誘騙用戶下載惡意圖像檔案。 Telegram 於 11 月修復了漏洞。
"This is not a genuine vulnerability within Telegram Desktop," the statement asserts. "Your computer or Telegram account cannot be remotely compromised unless you open a (malicious) file," Telegram emphasized.
聲明中寫道:“這不是 Telegram Desktop 中的真正漏洞。” Telegram 強調:“除非您打開(惡意)文件,否則您的電腦或 Telegram 帳戶不會受到遠端攻擊。”
Meanwhile, Telegram is reportedly preparing for a substantial initial coin offering (ICO), involving the private sale of tokens that will function as an alternative currency, akin to Bitcoin or Ethereum. An investment proposal reviewed by Reuters estimates that the ICO has the potential to raise up to $2 billion.
同時,據報道,Telegram 正在準備大規模的首次代幣發行 (ICO),其中涉及代幣的私人銷售,這些代幣將作為替代貨幣,類似於比特幣或以太坊。路透社審閱的投資提案估計,ICO 有可能籌集高達 20 億美元的資金。
The successful detection and analysis of this malware by Kaspersky Lab underscores the ongoing threat of cyberattacks and the importance of robust cybersecurity measures. Users are urged to exercise caution when downloading files from unknown sources and to keep their software up-to-date.
卡巴斯基實驗室成功偵測和分析該惡意軟體凸顯了網路攻擊的持續威脅以及強有力的網路安全措施的重要性。我們敦促用戶在從未知來源下載檔案時務必小心,並保持軟體最新。
免責聲明:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- PayZapp 統計數據 2025:收入流、用戶趨勢和行業地位
- 2024-12-26 02:35:01
- 在數位支付迅速發展的世界中,HDFC PayZapp 是印度領先的電子錢包解決方案之一
-
- 本週末最值得投資的新 Meme 幣:BTFD 幣、Gigachad 等
- 2024-12-26 02:35:01
- 讓我們面對現實吧,迷因幣是加密貨幣派對的生命。這些厚顏無恥、不敬的數位資產繼續吸引精明投資者的關注
-
- 五盧比硬幣會停產嗎?這是我們所知道的
- 2024-12-26 02:35:01
- 在國內,我們有兩種五盧比硬幣。一種由黃銅製成,另一種由較重的金屬製成。但最近,較重的硬幣出現得越來越少。
-
- 十億賽車:虛擬賽車和區塊鏈技術的革命性融合
- 2024-12-26 02:35:01
- 想像一下:即時比賽預測可為您贏得數字獎勵。這正是 Race to 10 億所帶來的,將高風險的賽車興奮與區塊鏈技術融為一體。
-
- 狗狗幣的未來:從迷因到市場競爭者
- 2024-12-26 02:35:01
- 狗狗幣可能最初是作為一種迷因,但隨著即將到來的改變遊戲規則的技術更新,它的旅程正在變得嚴肅起來。