Hackers attacked major Telegram channels via video on Yandex

On November 10, hackers conducted a major attack on popular Telegram channels. Reddit's administrators completely lost access to the channel, to which 236 thousand people were subscribed. The attackers used an old scheme: they simply sent a Trojan-infected file to the administrators.

Hackers stole the Telegram channel of the Reddit forum; its administrators could not log in to the control panel. The Telegram channel Baza was also attacked, but the attackers failed to gain access to the channel.

The hackers' scheme was as follows: they offered to buy advertising space, but first asked the administrators to watch a video with their materials, which could be downloaded from Yandex.Disk. The document could not be opened on a mobile device, so the hackers suggested downloading it to a desktop computer.

After launching the file, the owner of the Reddit channel with 236 thousand subscribers was no longer able to access it.

Artem Geller, General Director of the Studio.AG lab, explained that this is a very old method of fraud, and that Windows is the target of such files. Hackers, under various pretexts, send material containing malware. If the victim opens the file, it gives access to the entire operating system. In this particular case, the attackers were interested in Telegram, so the Reddit account was stolen.

Yandex.Disk cannot be blamed for missing the Trojan. According to Geller, about 300,000 new viruses appear in the world every day, so it is simply impossible to catch them all. Moreover, it may not be a new virus but a modification of an old one. At the same time, the Trojan is not meant to destroy the computer system.

Cloud storage is convenient for fraudsters because, unlike email, it lets them upload a file of any size. Unprotected, unencrypted files without passwords are uploaded to these storage services.

According to the information security expert Alexander Vlasov, we must remember one thing: those who provide a service for free never commit to protecting your files. Yes, they try to track malware, but only within the general bounds of their ecosystem.

Apple denied Durov's statement about the request to block Telegram channels about Belarus

The founder of Telegram, Pavel Durov, accused Apple of trying to "avoid responsibility for complying with its own rules" by using "tricky language". Durov wrote about this in his Telegram channel.

Earlier, Durov said that the corporation had requested the blocking of three channels dedicated to Belarus. They published photos and personal data of security forces and members of election commissions who, according to the authors, committed violations in the elections. The total number of subscribers was about 100 thousand.

According to Durov, Apple's "trick" lies in the company's claim that it does not require disabling the three Belarusian channels that disclose the personal data of security forces involved in suppressing protests. Apple requires that posts disclosing personal information not be published. However, Durov notes, the company does not mention that these channels consist entirely of such posts.

"By hiding its requirements in vague words, Apple is trying to avoid responsibility for complying with its own rules," said the founder of Telegram.

"It's time for Apple to learn to take responsibility for its policies, rather than trying to hide them from users," he added.

According to Durov, he would prefer to keep these channels. The founder of Telegram suggested that they will eventually be blocked on devices using the iOS operating system, but the channels will remain available on other platforms.

According to Apple, the company received complaints from users that their personal data, including names and phone numbers, was transmitted through channels. These complaints were passed to the messenger team, asking them to remove information that reveals someone's personal data on the Internet without their consent, as well as content aimed at specific people.

Telegram did not raise any objections, but promised to check this information and inform Apple about the results of the check.

Earlier, E Hacking News reported that a group of hackers threatens to bring down the tax, energy and banking systems of Belarus if the head of state Alexander Lukashenko does not comply with the ultimatum.

Telegram Takes Down Islamist Propaganda on its Platform, Extremist Groups Struggle


Social networks and the US military have imposed strict regulations to control Islamist propaganda on social media and have been able to take down Islamic State terrorist groups. After this move, experts say, these groups are now struggling to recover their control on the mainstream social media apps and networks. As most of the major social networking sites have choked the group off, the Islamist group has tried to build its propaganda on small sites. But even there, it has been met by strong regulation from the authorities. According to Europol, the EU (European Union) law enforcement agency, the social networking companies have tried to bring down the Islamist propaganda content growing on their websites, in an attempt to take down the extremist group's activities on social media.


Europol, in its report, said, "While Google and Instagram deployed resilience mechanisms across their services, Telegram was the online service provider receiving most of the referral requests during this Action Day. As a result, a significant portion of key actors within the IS network on Telegram were pushed away." These extremist groups used Telegram as their primary platform of propaganda until 2019.

According to Europol, Telegram had removed up to 5000 terrorist profiles and bots in two days, in an effort to shut down the Islamist propaganda. Earlier, it was only able to take down 200-300 accounts on average. After that incident, the extremist groups moved towards more covert apps like the Russian "TamTam" and "Hoop Messenger." Canada hosts these websites. The IS, in apparent desperation, has also started using chat services designed for blockchain developers to spread its messages. In 2016-17, US Cyber Command took action against these extremist groups. It shut down recruitment groups and suppressed their further attempts to spread the messages.

Currently, US Cyber Command has presidential approval to combat IS propaganda with cyberattacks. It has also widened its jurisdiction since then. "In the past year and a half, Telegram has also put forth a considerable effort to root out the abusers of the platform by bolstering its technical capacity in countering malicious content and establishing a close partnership with Europol," says Europol.

Pavel Durov called for Apple to be obliged to allow installing different application stores


Apple should allow users to install apps not only from its own App Store. This opinion was expressed by the founder of Telegram messenger Pavel Durov. According to him, Tim Cook (CEO of Apple) should be obliged to do this at the legislative level.

The day before, Ilya Perekopsky, a high-ranking Telegram manager and vice president of the company founded by Pavel Durov, spoke at a panel discussion with Russian Prime Minister Mikhail Mishustin and representatives of the IT industry in Innopolis. He said that Apple and Google are holding back the development of startups by charging app developers a 30 percent commission. Almost simultaneously with Perekopsky's speech, Durov published an article in which he called for Apple to be legally obliged to install an alternative App Store on the iPhone.

Durov is sure that if this is not done, app developers, in particular those from Russia, will be forced to sell their startups for little money. At the same time, Apple's capitalization will only grow.

"Preventing two supranational corporations from collecting taxes from all of humanity is not an easy task. Corporations employ thousands of lobbyists, lawyers, and PR agents, and their budgets are unlimited. At the same time, app developers are scattered and scared, as the fate of their projects depends entirely on the favor of Apple and Google," wrote Pavel Durov.

The head of the TelecomDaily information and analytical agency Denis Kuskov noted that changing the market is quite difficult because these two companies are leading it. Therefore, Durov needs to accept this fact.

Durov recalled that in 2016, Apple banned the Telegram team from launching its own game platform: "We had to remove the telegram games catalog that we had already created and almost the entire platform interface, otherwise Apple threatened to remove Telegram from the AppStore." According to Durov, the iPhone manufacturer treats many other developers in a similar way.

Telegraph service was unblocked in Russia


Russia stopped blocking the popular Telegram messenger almost a month ago. However, the related Telegraph service continued to be blocked. Now Russia has also unblocked the Telegraph platform for publishing and creating articles. 

The Telegraph platform was launched by the Telegram team in November 2016. It is designed to quickly create and publish articles, notes, and other similar content, a link to which can then be easily shared. Registration is not required for publication.

The blocking of the Telegra[.]ph service in Russia began at the end of 2018, a little later than the Telegram messenger.

According to the Roskomsvoboda resource, which closely monitors the registry of blocked sites, all pages with the Telegra.ph domain, which were blocked in Russia by the decision of a particular authority, are now excluded from the blocking registry. The last two similar pages were removed from the blacklist only on July 11.

It is interesting to note that, according to Press Secretary of the President of Russia Dmitry Peskov, the cancellation of restrictions on access to the Telegram messenger in Russia is perceived positively in the Kremlin, as it is in line with the course of President Vladimir Putin on the development of the high-tech industry.

The Press Secretary of the Head of State also noted as a positive fact the participation of heads of the company that owns the messenger in government events on the development of the IT industry.

Recall that Telegram had been blocked in Russia since April 2018 for non-compliance with the requirements for providing encryption keys, but during the coronavirus pandemic, the government began to use the messenger to distribute official information. In this regard, the State Duma even introduced a bill to unblock Telegram. On June 18, Roskomnadzor decided to remove restrictions on access to the messenger, the creator of which, Pavel Durov, congratulated the Russians on this event.

IM Platforms Increasingly Used by Threat Actors in Place of Dark Web Marketplaces


Researchers at IntSights have discovered that IM platforms such as WhatsApp, Telegram, Discord, IRC, and Jabber are being used by cybercriminals for advertising and putting their goods and services on sale. One of the major reasons why cybercriminals are switching to these IM platforms from the conventional ones is law enforcement practices: law enforcement operations have been targeting online darknet markets one after another. Earlier, in 2017, the world's largest dark web market, AlphaBay, was taken offline, sending darknet users into chaos. Immediately after, cyberspace witnessed the shutdown of Hansa, another major darknet market. As more and more major dark web markets went offline due to law enforcement penetrations, cybercriminals have been migrating to new platforms.

Although threat actors are loving IM platforms, the regular cybercrime sources such as dark web markets, credit card shops, and forums are still seeing their usual web traffic. These platforms have more advantages such as chatbots, fewer rules, and automated replies due to their core nature, unlike IM platforms that are mainly meant for communication.

While giving insights, Etay Maor, IntSights CSO, said, "Telegram appears to be experiencing the most growth, with more than 56,800 Telegram invite links shared across cybercrime forums and over 223,000 general mentions of the application across forums. Telegram is also the platform most often discussed in foreign language forums."

"Financial threat actors and fraudsters exchange stolen carding information, selling or trading all kinds of credit card dumps, and publishing methods or techniques relevant for the fraud community. In addition, there is also a trade of physical items stolen or counterfeited from organizations in the retail industry," he added.

“While the data itself is fully encrypted and law enforcement needs sophisticated algorithms in order to decrypt it, some countries have authorized law enforcement agencies to access the private information of their citizens if sanctioned by courts or other judicial authorities – including information that lives in IM platforms. Threat actors are worried about the cooperation between technology companies and law enforcement agencies, especially in the United States.” Maor further explained.

Telegram has withdrawn its appeal against the ban on issuing Gram tokens


The company appealed the court decision in March, but then the founder of the messenger, Pavel Durov, announced the termination of work on the blockchain project.

Telegram has withdrawn an appeal against a court order banning the distribution of Gram tokens as part of proceedings with the US Securities and Exchange Commission (SEC). The decision was supported by both parties; the withdrawal was carried out using the standard form based on rule 42.1, "leaving without consideration".

The appeal was sent in March after a court banned Telegram from issuing Gram tokens. The court ruled in favor of the SEC, which argued that the Gram tokens were unregistered securities. The court also ruled that Telegram cannot issue tokens even outside the United States, since this would give US citizens the opportunity to buy these tokens outside the country as well.

The founder of Telegram in an American court said that people outside the US can vote for their presidents and elect their own parliaments, but they are still dependent on the US when it comes to technology and finance.

On May 12, the founder and CEO of Telegram Pavel Durov announced the termination of work on the blockchain project. He accused the US court of sentencing the TON project before it could be successfully implemented. Investors were offered a return of 72% of their investment or a loan agreement with a return of 110% in a year.

After that, TON investor Vladimir Smerkis said that the majority of ICO participants are inclined to file a lawsuit against Durov. Smerkis allowed for a scenario in which the Telegram team would need to make concessions to investors and reconsider the option of paying out funds.

Recall that on April 1, Federal Judge of the Southern District of New York, Kevin Castel, rejected Telegram's request to clarify the possibility of distributing Gram tokens bypassing American investors.

WhatsApp and Telegram Group Links Leaked Online



A security researcher recently discovered that a lot of WhatsApp and Telegram group invite links that may not be meant for public viewing are appearing in multiple search engines such as Google, Yahoo, Yandex, and Bing.

On Friday, researcher Jordan Wildon, a multimedia journalist at Deutsche Welle, warned that owing to a critical issue, several illegal groups and activities along with genuine private groups were exposed.

In light of the leak, both companies have taken various security measures; however, completely erasing the links from public search results, so that people can no longer discover them and join, will require much more effort.

This critical flaw not only violated the privacy of the aforementioned messaging apps by exposing around 450,000 groups online but also allowed data mining, as the phone numbers were made available directly.

Notably, these messenger apps' invite links have been indexed by several search engines. Because of this indexing, WhatsApp and Telegram group invite links are displayed publicly by these search engines, and the visibility increased their reach even further. The leaked links had two major consequences: unwanted and uninvited people joined various groups through the invite links, and the leak also paved an easy path for hackers to discover other conversations through brute force attacks.

While addressing the issue, WhatsApp has seemingly removed the invite links for groups from Google and the company also took other steps in order to prevent indexing.

Wildon took to Twitter to provide updates, "JUST IN: Google appears to have removed indexing of WhatsApp links. Other major search engines appear to still be indexing chat links."

"UPDATE: This has been fixed on Google, but results are still available elsewhere. If you’re concerned, I’d recommend going into group settings, tapping “Invite to Group via Link” then “Reset link”," he tweeted.

Pavel Durov again warned about the danger of using WhatsApp


Pavel Durov claims that the hacking of the iPhone of Jeff Bezos, the richest man in the world, occurred due to vulnerabilities in WhatsApp. Facebook, which owns the messenger, insists that the leak is related to the Apple device itself.

The reason for the leak of personal photos and correspondence of the founder of Amazon and the richest man in the world, Jeff Bezos, is a vulnerability in the encryption system of WhatsApp, not problems with Apple gadgets. Telegram founder Pavel Durov wrote about this in his Telegram channel.

This is how he reacted to an interview with Vice President of Facebook's Global Policy Department Nick Clegg, who said that Bezos's confidential data leak was due to the iPhone. "We are confident that end-to-end encryption technology cannot be hacked," he said.

Durov recalled that a few months ago he talked about the vulnerabilities of WhatsApp, which, in his opinion, eventually led to the hacking of Bezos's smartphone. At the same time, Facebook then assured that there is no evidence that attackers used this vulnerability. According to the founder of Telegram, the backdoor in WhatsApp allowed access to personal messages and photos of the richest man in the world.

Durov explained that the vulnerability used during the hacking of Bezos's phone existed not only on iOS, but also on smartphones with Android and Windows. In addition, it is not present in other messengers.

Durov also accused WhatsApp management of using the phrase "end-to-end encryption" as a "magic spell" that automatically makes correspondence secure. He pointed out that the technology itself does not guarantee complete privacy. For example, WhatsApp developers may intentionally leave vulnerabilities in the app at the request of security forces from different countries. As a result, WhatsApp has no problems with the authorities, and Telegram is banned in some countries like Russia and Iran.

Russian Telegram Accounts Hacked by Intercepting One Time Password (OTP)


According to the firm Group-IB, in the last few weeks a dozen Russian entrepreneurs saw their Telegram accounts hacked. What is disturbing is the way these accounts were accessed: the attackers intercepted the codes used to authenticate users and grant access.

How did the attackers gain access?

In the normal procedure, whenever someone logs into Telegram using a different device, a one-time password (OTP) is texted to them, and the user can log into their account using this secret code. These hackers managed to access this one-time secret code and snooped on the Telegram chats of various users.

Dmitry Rodin, one of the victims of this attack, runs a coding school in Russia. He told the media that he was given a warning by Telegram that someone was trying to access his account. He ignored the notification, but another notification came saying someone had successfully logged in from Samara, Russia. He immediately terminated all active sessions except for his own.

Like Group-IB, he also believes that there was a problem with the telecom operators or his phone was hacked and not the messaging app Telegram. “Perhaps someone logged into my account by intercepting the SMS, which suggests that there might be a problem on the side of the telecom operator,” he said. “This means that other accounts using SMS as an authentication factor are also threatened.” 13 such cases have been reported so far.

"However, this number is likely to increase since we are speaking about a new threat, which has just started spreading," a company spokesperson said.

Is SS7 being abused?

The most worrying part is that one-time passwords (OTPs) were intercepted. If this hypothesis is indeed true, then we are looking at a very big security threat, as this technology is used in many log-ins and financial transactions. Another hypothesis is that the victims' devices were hacked and the attackers were spying on their messages, but Group-IB found no traces of such activity on the victims' phones. Thus Group-IB is leaning towards the hypothesis that the mobile network protocol SS7 is being abused.

Forbes reported, "Think of SS7 as the part of telecom infrastructure that deals with shifting users between networks as they travel abroad. It also manages the changes in charges when traversing different nations’ networks. But in recent years, hackers have learned that if they can get leverage on that network they can silently intercept text messages. Previously, such attacks have been used in bank account breaches and by surveillance companies."

Now, this same network could be used for hacking Telegram accounts.

Selling access to accounts on the dark web

Group-IB also suspects that access to these accounts is being sold on the dark web-based Hydra forum for $3,900, alongside offers of access to WhatsApp messages and user info. They think that these could be linked.

“What made us think that the attacks might have something in common with these advertisements is the fact that the incidents coincided with the time the posts were published,” the company spokesperson added. “But we cannot rule out that there are far more connections between these two events, which is yet to be established in the course of an investigation.”

Group-IB reported attempts to hack Telegram of Russian entrepreneurs


Group-IB, a company specializing in the investigation of cybercrime, reported that attackers attempted to hack correspondence in the Telegram messenger, and that Russian entrepreneurs became the target of the cyberattacks.

As the experts explained, at the end of 2019 several Russian entrepreneurs who had faced unauthorized access by unknown persons to their correspondence in the Telegram messenger turned to them for help.

The incidents occurred on iOS and Android, regardless of the carrier used. Group-IB believes that the attackers were able to view and copy activation codes from SMS messages that Telegram sends when activated on a new device.

Technically, the cyber attack could have been carried out using a vulnerability in the SS7 protocol. However, attacks on SS7 are rare.

“It is much more difficult to implement such an attack, it requires certain qualifications in the field of data transmission networks and their protocols,” explained Kaspersky Lab’s antivirus expert Viktor Chebyshev.

"The attack began when a message was sent to the Telegram messenger from the Telegram service channel (this is the official messenger channel with a blue verification tick) with a confirmation code that the user did not request. After that, an SMS with an activation code was sent to the victim’s smartphone, and almost immediately a notification came to the Telegram service channel that the account was logged in from a new device," reported Group-IB.

It is known that other people's accounts were hacked through the mobile Internet; the attackers' IP address was most often located in the city of Samara.

It is assumed that the attackers used disposable SIM cards. They deliberately had the SMS with the code sent, intercepted it and logged in to Telegram. They could buy access to hacking tools on the Darknet from 100 thousand rubles ($1,565).

The company drew attention to the fact that in all cases, SMS messages were the only authorization factor on devices affected by hacking attempts. Accordingly, such an attack can only be successful if the “Cloud Password” or “Two-step verification” options are not activated in the Telegram settings on the smartphone.

According to anti-virus expert Viktor Chebyshev, Telegram is consistently included in the list of applications targeted by cybercriminals in various spy campaigns. Such an attack can allow attackers to gain access to the correspondence of specific people.

ICQ and Signal are the most secure messengers in Russia, says Vladimir Zykov


Vladimir Zykov believes that ICQ messenger is safer than WhatsApp, but this does not solve the problems. iOS and Android operating systems contain many vulnerabilities that are exploited by hackers.

When choosing a messenger, Russians are guided mainly by the advice of friends and their own feelings, said Vladimir Zykov, head of the Association of Professional Network Users and Messengers. The expert is sure that ICQ and Signal messengers are the safest in Russia. But few people use them.

In general, no messenger for a smartphone guarantees absolute security, because a vulnerable operating system controls the messenger.

"But if you choose secure mobile software, then the probability of hacking, of course, decreases," said the expert.

According to the expert, the situation is due to the fact that most applications run on mobile devices running the operating systems iOS and Android, developed by American companies Apple and Google. Therefore, they have access to Russian accounts.

"That is, in fact, their owners can connect to your phone and calmly watch from the screen everything that you have there," he said.

Earlier, the creator of Telegram and VKontakte Pavel Durov sharply criticized Facebook. The entrepreneur is unhappy with the protection of information in the WhatsApp messenger.

According to Durov, the application is a kind of Trojan used to track data that is not connected in any way with the messenger. This is due to the policy of the American company, which deliberately leaves security vulnerabilities.

WhatsApp, at the same time, is one of the most common messengers among Russians. In addition to it, the Viber application is popular. However, as experts say, these services do not really have high security.

Pavel Durov, the founder of Telegram, advised users to remove WhatsApp from smartphones


The creator of the Telegram messenger, Pavel Durov, called the WhatsApp application unsafe. He recalled a recently discovered vulnerability that allowed hackers and government intelligence agencies to access user data.

"WhatsApp not only does not protect your messages, but this app is also constantly being used as a Trojan to track photos and messages unrelated to Messenger," he wrote on the Telegram channel.

According to Durov, the problem lies in the policy of Facebook, which owns WhatsApp. Durov noted that his Telegram messenger did not encounter such vulnerabilities in six years of existence. At the same time, he doubted that WhatsApp makes mistakes in the security system due to system imperfections.

"It is very unlikely that someone can accidentally allow serious security failures, such convenient for surveillance, on a regular basis," he said. Therefore, Durov urged users to delete WhatsApp.

In addition, Durov claimed that WhatsApp, like Facebook, shared user information with almost everyone who claimed to be working for the government.

Experts commented on the words of the creator of Telegram. Thus, the CEO of Digital platforms Arseny Shcheltsin noted that any messenger, including Telegram, has access to the files of the smartphone.

"Does the messenger use this data for its work? It's hard to say," he said. According to Shcheltsin, WhatsApp is trying to demonstrate its usefulness to investors and recoup millions of dollars in costs. And Mark Zuckerberg may consider data collection an excellent format for the best advertising targeting.

Arseniy Poyarkov, a member of the State Duma’s expert council on the digital economy, advised users of messengers to prepare in advance for the fact that their personal data can become available to anyone.

According to him, data leaks are almost always associated with careless actions of the user himself.

"Observing information hygiene: using VPN, foreign secure messengers, regularly deleting correspondence and unnecessary photos - you can feel safe with a high degree of confidence," concluded Poyarkov.

Putin's spokesman acknowledged the security of communications on Telegram


Communicating on Telegram is safer than on WhatsApp, said Dmitry Peskov, the special representative of the President of the Russian Federation on digital and technological development.

Recall that on September 16, Edward Snowden, a former employee of the US National Security Agency (NSA), who was granted asylum in Russia, said in an interview with a French radio station that senior officials should not use the WhatsApp messenger due to the low level of encryption. However, he added, both WhatsApp and Telegram are better than SMS or other unencrypted messages.

According to Peskov, Telegram messenger is superior to WhatsApp in terms of security, although there are no means of communication that guarantee absolute security.

"Absolutely safe means of communication does not exist. Until we made a quantum messenger, there are no safe means," Peskov said.

Peskov also said that there is no ready-made solution for a domestic messenger for civil servants in Russia; however, such an application makes sense and would be useful.

"If we understand the physical possibility, then, of course, we will create messengers based on quantum technologies for civil servants in the Russian Federation. But for now, this is too long a story," Peskov added.

Peskov noted that at the present time Mail.ru and Sberbank are working on the creation of the Russian messenger. According to Peskov, "there are some serious developments of the domestic messengers: much work is being done in the company Mail.ru and there is a big project in Sberbank. I have not seen a solution that would be ready for implementation now."

"But, choosing between using the WhatsApp solution and using the Telegram solution, the choice of the Telegram solution from the point of view of communication security is completely obvious," said the special representative of the President of the Russian Federation.

He added that he uses both messengers.

Chinese Cyber-attack Hit Telegram Amidst Hong Kong Protests


Telegram, a secure messaging app, was recently bombarded by a network of computers in China, following the protests sparked by the Hong Kong government's plans to enact a new law.

On Tuesday night, as the protesters assembled close to the Legislative Building of Hong Kong, the authorities arrested the administrator of a Telegram chat group with approximately 20,000 members, despite the fact that he was not present at the protest site.

This law from the Hong Kong government is said to allow individuals in the city to be extradited to mainland China, where the court system is closed off from public scrutiny and firmly controlled by the Communist Party.

The unusual measures taken by the Hong Kong authorities suggest that the police have found their own way to act against the protesters: constraining digital communication.

The protesters were using modern networking tools to rally their ranks, share safety tips and organize supplies of food and drinks, even as they took steps to hide their identities. The authorities responded by tracking them where they plan their moves, suggesting that they are taking cues from the ways in which China polices the internet.

Protesters and police officers alike have brought a new technological savvy to the standoff.

Lokman Tsui, a professor at the School of Journalism and Mass Communication at the Chinese University of Hong Kong, shared his opinion on the situation: “We know the government is using all kinds of data and trails to charge people later on, this is why people are minimizing their footprints as much as possible, they are being much more conscious and savvy about it.”

The police used tear gas as protesters came closer to the Legislative Council building in Hong Kong on Wednesday. Protesters used the app Telegram to organize, but the police were watching.

Telegram said on its Twitter account that it was able to stabilize its services shortly after the attack started. It described the overwhelming traffic as a DDoS attack, in which servers are flooded with requests from a coordinated network of computers.

Many of these protesters appear to be college-aged and digitally adept. They went to considerable lengths to avoid being captured or digitally tracked. To travel to and from the protests, many stood in line to buy single-ride subway tickets rather than using their digital payment cards, which can be tracked. Some, even while standing up to the police, covered their faces with hats and masks, giving them anonymity as well as some protection from the tear gas.

Beijing, however, has been accused in the past of attacks that silence political speech outside mainland China's borders.

“The bottom line is whether to trust Beijing,” said Dr. Tsui, the communications professor. “This is a government that routinely lies to its own citizens, that censors information, that doesn’t trust its own citizens. You can’t ask us to trust you if you don’t trust us.”

“These kids that are out there, all the young people, they’re smart,” he added. “They know not to trust Beijing.”

The event, however, presents no new challenge for Telegram: it has been used in widespread protests before, and has faced numerous administrative as well as government crackdowns. Leading examples of nations that have banned or blocked its use include Russia, Moscow and Iran.

Durov accused the Russian authorities of trying to hack Telegram accounts of Ural journalists



On Friday night, unknown persons tried to hack the Telegram and Facebook accounts of well-known journalists in Yekaterinburg. The Deputy Editor-in-Chief of "URA.RU" Anton Olshannikov, PR specialist Platon Mamatov and the Editor-in-Chief of the site "MSTROK" (mstrok.ru) Natalia Vakhonina were targeted by the unknown hacker. In addition, unknown persons attempted to gain access to the Telegram channel of the portal "Momenty" (https://tlg.name/s/momenty_ekb/3292). It is interesting to note that all of them actively wrote about the protests against the construction of the temple in Yekaterinburg.

The hackers tried to log into the journalists' accounts from a desktop computer whose IP address is registered in Madrid, Spain. Two-factor authentication stopped the hackers, but they managed to obtain the confirmation codes sent by SMS. One of the victims asked his mobile operator how the attackers were able to enter the code, but was told that the office does not "advise on these issues."

The journalists drew attention to the fact that they all actively participated in coverage of the protests related to the construction of the Church of St. Catherine in the park near the Drama Theater in Yekaterinburg. From May 13 to 18, a number of unauthorized rallies of opponents and supporters of the cathedral in the public garden took place in Yekaterinburg. About 100 people were detained in four days. After that, President Vladimir Putin intervened in the situation, inviting the local authorities to conduct a survey of citizens about their attitude to the construction project. On May 22, the survey data were published, showing that the majority of Yekaterinburg residents (74%) oppose the construction of the temple.

Telegram's creator, Pavel Durov, said that Russian authorities tried to hack the Telegram accounts of Ural journalists. He connects the attack with the protests that continued in Yekaterinburg all last week.

“It reminds us that the authoritarian Government will stop at nothing to violate the privacy of its citizens,” wrote Pavel Durov in his Telegram channel. He emphasized that all hacking attempts failed.

Telegram's 'secret chat' feature stores conversations in plain text



The desktop version of Telegram launched a new feature called 'secret chats' for users who want complete privacy for their communication. It turned out, however, that the Telegram secure messaging app failed to protect the chat content locally, and so offered access to plain-text conversations and media that would otherwise be encrypted.

Telegram's focus on secure communication is well known: the application uses encryption to ensure that a third party cannot read conversations on their way to the destination, and with end-to-end encryption it ensures that only the sender and the receiver can access the content.



These safeguards protect against tampering and loss of privacy in transit; the conversations and media files that Telegram Desktop stores locally, however, are fairly easy to access and read because they are not encrypted.

Nathaniel Suchy, a reverse engineer and software developer, was able to read the application's database and the messages saved there. Suchy said: “Telegram uses a somewhat difficult to read, but otherwise, not encrypted, SQLite Database to store messages. By analyzing raw data converted to a simpler viewing format, I also found names and phone numbers that could be correlated to one another. Even so, the information is not easy to read, but custom scripts could help make the details stand out in a more intelligible way and automate the extraction.”


The researcher also tested the 'secret chat' feature, and it turned out that all messages go to the same database, regardless of whether they benefit from end-to-end encryption or not. Media files share a very similar fate.

Telegram Desktop features password protection to prevent unauthorized access to the application, yet this security option does not include encryption. A technically knowledgeable and overly curious computer user could still access other users' chats.


The information saved locally can be protected by enabling full-disk encryption in the operating system. This is available on Windows through BitLocker and on macOS through FileVault; the feature is available on Linux too.
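The distinction drawn above, between an application password and encryption at rest, can be checked on any local data file. The following is an added example, not code from the article, the researcher or Telegram: it tests a file for the plaintext SQLite header, measures byte entropy, and looks for a known string in the raw bytes. The file names, table layout and message are constructed for the demonstration.

```python
import math
import os
import sqlite3
import tempfile
from collections import Counter

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of any unencrypted SQLite file


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8 for ciphertext, far lower for a plain database."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def audit_db_file(path: str, probe: bytes = b"") -> dict:
    """Report whether a file is readable SQLite and whether `probe` appears in it."""
    with open(path, "rb") as fh:
        raw = fh.read()
    return {
        "plaintext_sqlite": raw.startswith(SQLITE_MAGIC),
        "entropy_bits_per_byte": round(shannon_entropy(raw), 2),
        "probe_visible": bool(probe) and probe in raw,
    }


def build_demo_db(path: str, message: str) -> None:
    """Constructed stand-in for an application's local message store."""
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE messages (peer TEXT, body TEXT)")
    con.execute("INSERT INTO messages VALUES (?, ?)", ("+10000000000", message))
    con.commit()
    con.close()


def run_demo() -> dict:
    with tempfile.TemporaryDirectory() as d:
        plain = os.path.join(d, "demo_plain.db")
        build_demo_db(plain, "meet at noon")
        opaque = os.path.join(d, "demo_opaque.bin")
        with open(opaque, "wb") as fh:
            fh.write(os.urandom(8192))  # random bytes as a stand-in for an encrypted store
        return {"plain": audit_db_file(plain, b"meet at noon"),
                "opaque": audit_db_file(opaque, b"meet at noon")}
```

A store that reports `plaintext_sqlite` as true, or in which a known message is visible, relies entirely on file permissions and full-disk encryption for protection at rest.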





Zero Day Telegram Vulnerability Exploited by Hackers for Cryptomining

Kaspersky Lab has revealed that in October 2017 it discovered a flaw in Telegram Messenger’s Windows desktop client that was being exploited “in the wild”. According to Kaspersky, the flaw has allegedly been exploited by Russian cybercriminals in a cryptomining campaign.

The Telegram vulnerability involves the use of an RLO (right-to-left override) attack when the user sends a file through the messenger.

The RLO Unicode character is primarily used for encoding text in languages that are written right-to-left, such as Hebrew or Arabic, but hackers can use it to trick users into downloading malicious files. When an app is vulnerable to the attack, it will display a filename incompletely or in reverse.
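A receiving application or mail gateway can catch this by inspecting the stored filename rather than its rendered form. The following is an added example, not code from Kaspersky's report or from Telegram: it flags bidirectional control characters, reports the extension the operating system will act on, and produces a safe display string. The sample filename and the extension list are constructed for illustration, and `approx_display` is a simplification of the Unicode bidirectional algorithm that handles only a single unterminated RLO.

```python
# Unicode bidirectional formatting characters that can reorder displayed text.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF",
    "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
    "\u200e": "LRM", "\u200f": "RLM",
}

# Illustrative, non-exhaustive set of extensions that Windows will execute.
RISKY_EXTENSIONS = {"exe", "scr", "js", "vbs", "bat", "cmd", "com", "lnk", "hta"}


def inspect_filename(name: str) -> dict:
    """Report bidi controls and the extension taken from the stored byte order."""
    found = [(i, BIDI_CONTROLS[ch]) for i, ch in enumerate(name) if ch in BIDI_CONTROLS]
    # The OS picks the handler from the text after the last dot as stored,
    # not from what the user sees on screen.
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return {
        "controls": found,
        "real_extension": ext,
        "suspicious": bool(found) and ext in RISKY_EXTENSIONS,
    }


def escape_for_display(name: str) -> str:
    """Render controls as visible <U+XXXX> tokens so they cannot reorder text."""
    return "".join(f"<U+{ord(ch):04X}>" if ch in BIDI_CONTROLS else ch for ch in name)


def approx_display(name: str) -> str:
    """Approximate what a naive UI shows: text after one RLO appears reversed."""
    if "\u202e" not in name:
        return name
    prefix, suffix = name.split("\u202e", 1)
    return prefix + suffix[::-1]


# Constructed sample: stored as "photo" + RLO + "gnp.js".
SAMPLE = "photo\u202egnp.js"
```

For the constructed sample, a naive interface shows a name ending in `.png` while the stored extension is `js`; displaying the output of `escape_for_display` instead makes the control character visible to the user.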

Kaspersky has said that it seems that only Russian cybercriminals were aware of this flaw and were exploiting it — not to spread ransomware but cryptomining malware.

The attacks enabled cybercriminals to not just spread the cryptomining malware but also to install a backdoor to remotely control victims’ computers.

“We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability. What we do know is that its exploitation in Windows clients began in March 2017,” read the report Kaspersky published on the flaw.

In the report, Alexey Firsh, cyberthreat researcher at Kaspersky, outlined several scenarios showing how the vulnerability was actually exploited.

He also wrote that Telegram was informed of this flaw and it no longer occurs in their products.

Pavel Durov says they are not closing Telegram service in Russia and Iran


Just a few days ago, Russian and other media reported that Telegram CEO Pavel Durov is ready to close his business in Russia or Iran. However, Durov said in his VKontakte (VK) account that this information is incorrect.

In the VK post, he said that Telegram will continue to provide a secure messaging service in problem markets like Russia and Iran, despite the pressure of regulators and the threat of blocking. The media, however, came up with different headlines, such as "Durov announced his readiness to close Telegram" and "Durov threatened to close Telegram in Russia". Durov said that some Russian media, like Meduza, Vedomosti and DP.ru, have provided correct information.

"Russian media often quote inaccurate translations of what I publish on Twitter and my channel." Durov said in VK.

Recently, Iran opened a criminal case against the Telegram CEO, stating that Telegram is being used by pedophiles to distribute child pornography.

"I am surprised to hear that. We are actively blocking terrorist and pornographic content in Iran. I think the real reasons are different." Durov responded to the accusation in his Twitter account.

Recall that just a few weeks ago, the Russian Federation threatened to block Telegram and reported that this encrypted messenger was actively used by Islamic radicals during the preparation of the bombings in the Saint Petersburg subway. The head of the Ministry of Communications and Mass Media said: "Telegram will be blocked if it does not work in accordance with the current Russian legislation".

Durov hopes that the legal situation in the Russian Federation and Iran will change in future.

- Christina

 

Telegram founder agrees to register in Russia but won't share user data



Telegram's founder, Pavel Durov, has agreed to register the company in Russia after pressure from the local authorities.

A few days ago, the Russian communications regulator Roskomnadzor demanded that Telegram provide information about the messaging app and company details. The authorities also said this encrypted messaging app is being used by terrorists to plan attacks.

The authorities asked for access to decrypt messages in order to catch terrorists, and threatened to ban Telegram if the company fails to provide it.

At first, Durov did not agree to the demands. Now he has agreed to register the company with the Russian government.

"If Telegram is banned in Russia, it will not happen because we refused to provide details about our company," Durov said in the social network VK.

Roman Jelud, a professor from Voronezh State University, told Regnum that the news about the "Telegram ban" is itself a PR stunt that will only help Telegram gain more users. A few days earlier, Roman had said that Durov is using this for his PR and that Durov would eventually agree to provide the required five points of information.

Though Durov says that they are only registering the company in Russia and will not share the users' secret data with the government, it will be hard to know whether it is true or not.

Russia is not the only government that is interested in the Telegram messenger. Last week, Durov stated that US Federal officers want to add a backdoor to the app.

- Christina