bitcoin
bitcoin

$97861.499628 USD

4.38%

ethereum
ethereum

$3485.318002 USD

2.95%

tether
tether

$0.999080 USD

0.04%

xrp
xrp

$2.290400 USD

2.56%

bnb
bnb

$702.875076 USD

2.23%

solana
solana

$198.329151 USD

4.48%

dogecoin
dogecoin

$0.331936 USD

4.07%

usd-coin
usd-coin

$0.999890 USD

-0.02%

cardano
cardano

$0.921643 USD

2.70%

tron
tron

$0.256828 USD

2.24%

avalanche
avalanche

$41.043488 USD

6.98%

chainlink
chainlink

$24.793024 USD

4.08%

toncoin
toncoin

$5.840797 USD

4.28%

shiba-inu
shiba-inu

$0.000023 USD

3.95%

sui
sui

$4.556446 USD

-1.19%

加密货币新闻

卡巴斯基发现针对 Telegram 桌面用户的静默恶意软件

2024/04/13 14:03

俄罗斯安全公司卡巴斯基实验室发现了以前未检测到的恶意软件,其目标是流行消息应用程序 Telegram 桌面版的用户。该恶意软件自 2017 年 3 月起专门针对俄罗斯用户,旨在诱骗他们使用自己的机器挖掘 Monero 和 Zcash 等加密货币。 Telegram 跻身全球顶级移动通讯应用之列,预计 2018 年用户数量将达到 2 亿,尽管只有其桌面版在这次攻击中受到损害。

卡巴斯基发现针对 Telegram 桌面用户的静默恶意软件

Kaspersky Detects Stealth Malware Targeting Telegram Desktop Users

卡巴斯基检测到针对 Telegram 桌面用户的隐形恶意软件

Moscow, Russia - Kaspersky Lab, a leading cybersecurity firm, has identified and analyzed a previously undetected malware strain targeting users of the Telegram desktop messaging application, the company announced on Tuesday.

俄罗斯莫斯科 - 领先的网络安全公司卡巴斯基实验室周二宣布,该公司已识别并分析了一种先前未检测到的针对 Telegram 桌面消息应用程序用户的恶意软件菌株。

The malicious software, operational since March 2017, has primarily targeted Russian users. Its primary objective has been to surreptitiously enlist victims' computers into a network for mining cryptocurrencies, specifically Monero and Zcash.

该恶意软件自 2017 年 3 月开始运行,主要针对俄罗斯用户。其主要目标是秘密地将受害者的计算机纳入网络以挖掘加密货币,特别是 Monero 和 Zcash。

Telegram, boasting over 200 million active users worldwide, ranks as the ninth most popular mobile messaging platform. Notably, the malware only affects the desktop version of the application, which is distinct from the mobile app.

Telegram 在全球拥有超过 2 亿活跃用户,位列第九大最受欢迎的移动消息平台。值得注意的是,该恶意软件仅影响应用程序的桌面版本,这与移动应用程序不同。

The malware's modus operandi revolves around exploiting a specific feature within Telegram's desktop software that facilitates the recognition of Arabic and Hebrew scripts, which are read from right to left. By employing a hidden character that reverses the order of characters, attackers were able to rename files, subsequently triggering the installation of the malware.

该恶意软件的作案手法围绕着利用 Telegram 桌面软件中的特定功能,该功能有助于识别从右到左阅读的阿拉伯语和希伯来语脚本。通过使用反转字符顺序的隐藏字符,攻击者能够重命名文件,随后触发恶意软件的安装。

Kaspersky's investigation into the malware's code revealed connections to a Russian cybercriminal group. The firm emphasized that the vulnerability exploited in this attack is not exclusive to Telegram, as a similar vulnerability was recently discovered in WhatsApp.

卡巴斯基对该恶意软件代码的调查揭示了该恶意软件与俄罗斯网络犯罪组织的联系。该公司强调,此次攻击中利用的漏洞并非 Telegram 独有,最近在 WhatsApp 中也发现了类似的漏洞。

Upon discovering the vulnerability, Kaspersky promptly notified Telegram in October, and the issue was subsequently addressed and resolved.

发现该漏洞后,卡巴斯基于 10 月份及时通知 Telegram,该问题随后得到解决。

According to a statement released on Telegram's technical channel, the attack employed social engineering tactics, reliant on users being tricked into downloading a malicious image file. Telegram implemented a fix for the vulnerability in November.

根据 Telegram 技术频道发布的一份声明,此次攻击采用了社会工程策略,诱骗用户下载恶意图像文件。 Telegram 于 11 月修复了该漏洞。

"This is not a genuine vulnerability within Telegram Desktop," the statement asserts. "Your computer or Telegram account cannot be remotely compromised unless you open a (malicious) file," Telegram emphasized.

声明称:“这不是 Telegram Desktop 中的真正漏洞。” Telegram 强调:“除非您打开(恶意)文件,否则您的计算机或 Telegram 帐户不会受到远程攻击。”

Meanwhile, Telegram is reportedly preparing for a substantial initial coin offering (ICO), involving the private sale of tokens that will function as an alternative currency, akin to Bitcoin or Ethereum. An investment proposal reviewed by Reuters estimates that the ICO has the potential to raise up to $2 billion.

与此同时,据报道,Telegram 正在准备大规模的首次代币发行 (ICO),其中涉及代币的私人销售,这些代币将作为替代货币,类似于比特币或以太坊。路透社审阅的一份投资提案估计,ICO 有可能筹集高达 20 亿美元的资金。

The successful detection and analysis of this malware by Kaspersky Lab underscores the ongoing threat of cyberattacks and the importance of robust cybersecurity measures. Users are urged to exercise caution when downloading files from unknown sources and to keep their software up-to-date.

卡巴斯基实验室成功检测和分析该恶意软件凸显了网络攻击的持续威胁以及强有力的网络安全措施的重要性。我们敦促用户在从未知来源下载文件时务必小心,并保持软件最新。

免责声明:info@kdj.com

The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!

If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.

2024年12月25日 发表的其他文章