February 14, 2018

Telegram security flaw left computers vulnerable to cryptocurrency mining

Security vulnerabilities have been discovered hiding in the secure messaging app Telegram, leaving users at risk of cyber attacks.

The zero-day vulnerability was discovered by Kaspersky Lab researchers in October and published this week in a blog post. The flaw was found in Telegram Messenger’s Windows app, leaving some of the app’s 100m subscribers at risk of attacks.

According to Kaspersky Lab, the flaw was developed by Russian cyber criminals and mainly deployed in Russia. It could allow a bot to silently deploy malicious tools on a target’s computer.

In addition, the Kaspersky researchers found that this could also allow cyber criminals to use a target’s computer for cryptocurrency mining. This is increasingly becoming a new form of malware.

What was said:

Kaspersky Lab said:

“It appears that only Russian cyber criminals were aware of this vulnerability, with all the exploitation cases that we detected occurring in Russia. Also, while conducting a detailed research of these attacks we discovered a lot of artefacts that pointed to involvement by Russian cyber criminals.

“We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability. What we do know is that its exploitation in Windows clients began in March 2017. We informed the Telegram developers of the problem, and the vulnerability no longer occurs in Telegram’s products.”

Why it matters:

Telegram positions itself as the most secure messaging app available but in actual fact, it doesn’t live up to the hype. The security issues detailed by the Kaspersky Lab researchers are just one of a long line of problems Telegram has had to deal with.

For one, its 100m users believe that all the messages they send are encrypted. This prevents anyone apart from the two people involved in the conversation from seeing what was said. However, Telegram does not use end-to-end encryption, the highest level of encryption, which is used in apps such as Wire and WhatsApp.

Wire, for instance, uses the Signal protocol, a proven method of encryption. Telegram instead uses its own protocol, MTProto. This isn’t held in the same regard as Signal among security researchers and has some major flaws.

Given the app’s popularity, Telegram needs to do more to assure its users that its platform is safe and secure.


Telegram was developed in 2013 by Russian-born Pavel Durov. He built the app because of his disdain for other messaging apps out there.

Since it was launched nearly five years ago, Telegram has often found itself mired in controversy. It is known as the app of choice for so-called Islamic State (Isis) fighters, in part due to the 100,000-member groups the app supports.

It is regularly criticised by governments across the world for this.

Earlier this year, Iran tried to restrict access to the app, which is used by more than 50 percent of the country’s population. This was because footage and information about anti-government protests were being spread using Telegram.
