Log for Telegram 討論區
「你經歷許多失敗,經歷許多軟弱,還有許多時候消極,這也可以說是神的試煉,因為一切都出於神,萬事萬物都在神的手中,失敗也好,軟弱跌倒也好,都在乎神,都由神掌握著,從神這邊說是試煉你,你如果認識不到,就成了試探。人該認識的有兩種情形:一種是出於聖靈,一種可能是出於撒但。一種情形聖靈光照你認識自己,恨惡、懊悔自己,能對神有真實的愛,立下心志去滿足神;一種情形是認識自己,但消極了,軟弱了,可以說是神的熬煉,但也可以說是撒但的試探。如果認識到了這是神對你的拯救,你現在太虧欠神了,從今以後彌補過來,不能再這樣墮落下去,好好吃喝神的話,總看自己不行,有渴慕的心志,這是神的試煉,受完痛苦之後再往前走神還帶領、光照、開啟、餵養。如果認識不到,而且消極了,乾脆破罐子破摔,你要這樣想就是撒但的試探臨到了
Zero-day vulnerability in Telegram
Cybercriminals exploited Telegram flaw to launch multipurpose attacks.
In October 2017, Kaspersky found a vulnerability in Telegram Desktop for Windows.
▶️ This vulnerability was fixed by Telegram Team on November 2017.
— Cases where it was actually exploited
1️⃣ The exploit was used to deliver mining software, allowing hackers to use the victim’s machine to mine cryptocurrency including “Monero, Zcash, Fantomcoin and others.
2️⃣ A backdoor was installed allowing cybercriminals to gain remote access to the victim’s computer after which it started to “operate in a silent mode,” allowing “the threat actor to remain unnoticed in the network and execute different commands, including the further installation of spyware tools.”
— Conclusion
It appears that only Russian cybercriminals were aware of this vulnerability, with all the exploitation cases that we detected occurring in Russia. Also, while conducting a detailed research of these attacks we discovered a lot of artifacts that pointed to involvement by Russian cybercriminals.
We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability. What we do know is that its exploitation in Windows clients began in March 2017. We informed the Telegram developers of the problem, and the vulnerability no longer occurs in Telegram’s products.
🌐 Source: Secure List
via @TGLive
ℹ️ @geeksChannel
Cybercriminals exploited Telegram flaw to launch multipurpose attacks.
In October 2017, Kaspersky found a vulnerability in Telegram Desktop for Windows.
▶️ This vulnerability was fixed by Telegram Team on November 2017.
— Cases where it was actually exploited
1️⃣ The exploit was used to deliver mining software, allowing hackers to use the victim’s machine to mine cryptocurrency including “Monero, Zcash, Fantomcoin and others.
2️⃣ A backdoor was installed allowing cybercriminals to gain remote access to the victim’s computer after which it started to “operate in a silent mode,” allowing “the threat actor to remain unnoticed in the network and execute different commands, including the further installation of spyware tools.”
— Conclusion
It appears that only Russian cybercriminals were aware of this vulnerability, with all the exploitation cases that we detected occurring in Russia. Also, while conducting a detailed research of these attacks we discovered a lot of artifacts that pointed to involvement by Russian cybercriminals.
We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability. What we do know is that its exploitation in Windows clients began in March 2017. We informed the Telegram developers of the problem, and the vulnerability no longer occurs in Telegram’s products.
🌐 Source: Secure List
via @TGLive
ℹ️ @geeksChannel
#Security 黑客利用 Telegram 的 0-day 漏洞传播恶意软件
#Telegram app 的桌面版本存在一个 0-day 漏洞正在野被利用于散播如 Monero 和 ZCash 等加密货币 💰 的挖矿恶意软件。该漏洞在去年 10 月由卡巴斯基实验室的安全研究员 Alexey Firsh 发现,仅影响 Telegram app 的 Windows 客户端。
根据 Securelist 上的博客帖子,攻击者至少自 2017 年 3 月开始利用这个漏洞,欺骗受害者下载恶意软件,以使用他们的 CPU 来挖掘加密货币,或者作为攻击者的后门来远程控制受影响的机器。
ref THN via Insight
02/13/2018
#Telegram app 的桌面版本存在一个 0-day 漏洞正在野被利用于散播如 Monero 和 ZCash 等加密货币 💰 的挖矿恶意软件。该漏洞在去年 10 月由卡巴斯基实验室的安全研究员 Alexey Firsh 发现,仅影响 Telegram app 的 Windows 客户端。
根据 Securelist 上的博客帖子,攻击者至少自 2017 年 3 月开始利用这个漏洞,欺骗受害者下载恶意软件,以使用他们的 CPU 来挖掘加密货币,或者作为攻击者的后门来远程控制受影响的机器。
ref THN via Insight
02/13/2018
The Kaspersky antivirus company claimed today they found a “0-day vulnerability on Telegram for Windows”, which affected “1000 users before it was fixed”.
As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about:
As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about:
▶️ Our two cents:
Well, this is not a real vulnerability on Telegram Desktop, no one can remotely take control of your computer or Telegram unless you open a malicius file.
This kind of vulnerability is based on social engineering.
In fact, it was a .js file hidden on a a .png file, this happened thanks to RTL characters.
Windows users must click on the Run dialog in order to install the malware.
So don't worry, unless you opened a malicius file, you have always been safe.
ℹ️ @geeksChannel
Well, this is not a real vulnerability on Telegram Desktop, no one can remotely take control of your computer or Telegram unless you open a malicius file.
This kind of vulnerability is based on social engineering.
In fact, it was a .js file hidden on a a .png file, this happened thanks to RTL characters.
Windows users must click on the Run dialog in order to install the malware.
So don't worry, unless you opened a malicius file, you have always been safe.
ℹ️ @geeksChannel
The Kaspersky antivirus company claimed today they found a “0-day vulnerability on Telegram for Windows”, which affected “1000 users before it was fixed”.
As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about:
As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about: