Telegram Founder: Crypto Mining Malware Attack Isn't Due to App Flaw

A cybersecurity firm says Telegram has been exploited for crypto mining by hackers, but the messaging app's founder says it is not to blame.

Feb 13, 2018, 7:00 PM
Updated Aug 18, 2021, 8:11 PM

Russian cybersecurity firm Kaspersky Lab reported today that a vulnerability in Telegram's messaging app had been exploited to turn desktop computers into unwitting crypto-miners – a claim that the messaging app's founder is pushing back against.

The cyberattacks were uncovered by Kaspersky Lab, a global cybersecurity software provider, which reports that the covert mining operations have been underway since March of 2017. Kaspersky said that the attacks were possible because of a zero-day vulnerability.

"We have found several scenarios of this zero-day exploitation that, besides general malware and spyware, was used to deliver mining software – such infections have become a global trend that we have seen throughout the last year," Alexey Firsh, a Kaspersky Lab analyst, said in a statement today.

Yet Pavel Durov, who founded the popular messaging app, has taken to his own Telegram channel in order to downplay the report.

"As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media," he said. He went on to claim that what Kaspersky had uncovered was not a "real vulnerability on Telegram Desktop," and that cybercriminals could not access users' computers without them first opening a malicious file.

"So don't worry," he told the channel, "Unless you opened a malicius [sic] file, you have always been safe."

Cybercriminals reportedly used the malware to garner monero, zcash and fantomcoin, among other cryptocurrencies, per Kaspersky's report. The firm says evidence indicates that the malware has Russian origins, and notes that, in some cases, it is used as a backdoor through which hackers can silently control a computer. In the course of analyzing malicious servers, Kaspersky also said it found "archives containing a Telegram local cache that had been stolen from victims."

As the profits associated with mining have increased, mining malware has become more common.

CoinDesk reported yesterday that more than 4,000 U.K. websites, including government sites, had been infected with mining malware, prompting the U.K. Information Commissioner's Office to take down its website. Likewise, in another significant case last month, it was discovered that Google's DoubleClick ad services were hijacked to distribute mining malware on prominent sites like YouTube. This has put additional pressure on developers to ensure user safety.
