Malware found in Telegram 'alternative' – cybersecurity firm
MANILA, Philippines – Cybersecurity firm Kaspersky Labs found malware in an app circulating in Central Asia that presents itself as an alternative to popular messaging app Telegram, Kaspersky said in a statement on Monday, October 22.
The app surfaced in light of a possible ban of Telegram in the region, with attackers seeking to plant their malware as users look for Telegram alternatives. Installing the fake Telegram-like app also installs a trojan called Octopus, which provides attackers with remote access to a victim's device.
"Once activated, the Trojan gave the actors behind the malware opportunities to perform various operations with data on the infected computer, including, but not limited to, deletion, blocks, modifications, copying and downloading. Thus, the attackers were able to spy on victims, steal sensitive data and gain backdoor access to the systems," Kaspersky explained.
Kaspersky links the scheme to a Russian-speaking cyber-espionage group called DustSquad, having found similarities in software code between this current campaign and previous ones.
DustSquad operations have been previously detected in former USSR countries in Central Asia and Afghanistan since 2014, Kaspersky said.
While this recent scheme targets Central Asian diplomatic organizations, Kaspersky said that in the past two years, it has seen 4 such campaigns with custom Android and Windows malware that targets private users too.
The method is an example of social engineering, and highlights how hacking groups may take advantage of real-world situations – in this case, a potential Telegram ban – to devise a way into people's devices and spy on them. While this particular campaign is taking place in Central Asia, it is not far from the realm of possibility for this scheme to be applied in other parts of the world, and for apps to disguise themselves as a popular program.
Kaspersky security researcher Denis Legezo advises people to be vigilant about what apps are installed on a system. Companies should also educate staff about digital hygiene and instruct them not to download apps from untrusted sources. – Rappler.com