Search This Blog

Showing posts with label Telegram Messenger. Show all posts

Scammers Target Coindesk ;Impersonating Reporters and Editors in the Last Months


Scammers have a new target and this time its CoinDesk as they try to impersonate CoinDesk reporters and editors in the last few months, promising inclusion of projects in return for a fee.

At least two unique victims have paid hundreds of dollars in bitcoin and ether to these convicts and reached CoinDesk just subsequent to acknowledging that something wasn't right.

Thus CoinDesk makes it explicitly clear through an announcement that the news site doesn't, and will never, accept payment for coverage. They cautioned their users by informing them that in the event that they are being reached out by somebody professing to be one of CoinDesk's reporters on Telegram or LinkedIn, and that individual requests payment, then they should know that the account connecting to them is a fraud and should report it to the concerned social media platform right away, and to CoinDesk immediately, by emailing fraud@coindesk.com.

If possible, it would be ideal if the users could incorporate screenshots of what was written. On the off chance that the user has to affirm that they are, indeed, in contact with a CoinDesk staff member they are welcomed to at email news@coindesk.com.

Now that CoinDesk has been ensnared in various scams, they wish to clarify what is being done and how. Most of the victims are said to have received a Telegram message like this one:


This to and fro between the scammer and the news editor is generally well disposed and, in certain nations where associations regularly pay for news coverage, 'expected'.

The opportunity is straightforward and simple: Send the scammer $500 or so in bitcoin and get onto CoinDesk's front page.

There is typically some 'to and fro' and a portion of these scammers have come 'sophisticated' to the point that they are mocking CoinDesk email addresses to "confirm" their identities. One 'con-artist' even forged a CoinDesk editor's passport to "confirm" their identity.

Hence, CoinDesk advises its users that it's working with the new site's legal counsel and tech group to discover ways for impeding these impostors and in the meanwhile, requests the users to kindly verify the handles of the accounts contacting them.

The clients can likewise email the writer or the editor directly in the event that they have any inquiries.

WhatsApp, Telegram Data Stored on Phones is Vulnerable to Cyber Attacks



The data saved by users onto their devices through social messaging apps, Whatsapp and Telegram is vulnerable to cyber attacks and can be exploited by malware with access to external storage, as per the security researchers at Symantec.

End-to-end encryption prevents user data from being read or secretly modified, it led users into believing that their communication is highly secured and their conversations are protected against being accessed by third-party apps. However, the findings at Symantec have made users reconsider the whole idea of data protection via encryption.

The media exchanged on WhatsApp and Telegram gets stored in either of the two storages, external or internal. Now, if the data is stored in the victim's external storage and the malware enters his mobile device, it is configured to gain easy access to these saved files and exploit it subsequently. Moreover, the malware can acquire access to this data even prior to the users, according to The Verge.

After examining the issue, WhatsApp released statements telling that the corresponding updates are under progress with Android's ongoing development.

Referencing from the statements given by a WhatsApp spokesperson, “WhatsApp has looked closely at this issue and it’s similar to previous questions about mobile device storage impacting the app ecosystem. WhatsApp follows current best practices provided by operating systems for media storage and looks forward to providing updates in line with Android’s ongoing development,”

"WhatsApp follows guidelines from Android including: 'You should use external storage for user data that should be accessible to other apps and saved even if the user uninstalls your app, such as captured photos or downloaded files.' We store files in the same manner as other messaging apps (like Viber), email (like Gmail), and file storage apps (like Dropbox)," he added.

Commenting on the upcoming Android update, he informed, "The suggested changes here could both create privacy complications for our users and limit how photos and files could be shared."

Telegram Describes the DDoS Attack in Layman terms



The popular messaging app, Telegram, is being hit by a powerful distributed denial of service (DDoS) attack due to which it was down for users all around the world. The services were terminated for about an hour and during this period, the encrypted messaging service, 'Telegram' commented on the working of a DDoS attack.
“We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues.” Telegram tweeted.
The company explained a DDoS attack as when “your servers get GADZILLIONS of garbage requests which stop them from processing legitimate requests. Imagine that an army of lemmings just jumped the queue at McDonald’s in front of you – and each is ordering a whopper,” 
 “The server is busy telling the whopper lemmings they came to the wrong place – but there are so many of them that the server can’t even see you to try and take your order.”
The attack was not the first of its kind; the company’s services were disrupted by a similar attack four years ago as well. During that incident, the company’s chief executive, Parel Durov and other officials denied commenting on who was responsible for the DDoS attacks.
In one of its tweets, the company talks about a bright side of these DDoS attacks and says, "There's a bright side: All of these lemmings are there just to overload the servers with extra work – they can't take away your Big Mac and Coke,"
"To generate these garbage requests, bad guys use 'botnets' made up of computers of unsuspecting users who were infected with malware at some point in the past. This makes a DDoS similar to the zombie apocalypse: one of the whopper lemmings just might be your grandpa," Telegram further tweeted to elaborate on how hackers carry out a DDoS attack successfully.



Telegram hit by DDoS attack





A most secure messaging app Telegram has been hit by a "powerful" distributed denial-of-service (DDoS) attack on Wednesday morning.

The app was down for many users across the globe, but people in the United States were most badly affected by this attack, according to DownDetector.

The  company said in a tweet, ‘We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues.’

The app was down for just a little over an hour, and in the meantime, the company tweeted an explanation of how a DDoS attack works.

"Imagine that an army of lemmings just jumped the queue at McDonald's in front of you – and each is ordering a whopper," Telegram tweeted. "The server is busy telling the whopper lemmings they came to the wrong place – but there are so many of them that the server can't even see you to try and take your order."

The firm described the whole mechanism of how hackers accomplish a DDoS attack.

"To generate these garbage requests, bad guys use 'botnets' made up of computers of unsuspecting users which were infected with malware at some point in the past. This makes a DDoS similar to the zombie apocalypse: one of the whopper lemmings just might be your grandpa," the company said in another tweet.

However, Telegram said that every users’ data was safe, there was no kind of data hack through the whole attack. 

"There's a bright side: All of these lemmings are there just to overload the servers with extra work – they can't take away your Big Mac and Coke," the company tweeted.

Telegram refused to respond to a request for comment. 





Telegram Messenger Leaks IP Addresses of Users



Dhiraj Mishra, a security researcher from Mumbai, India found that under specific conditions, the Telegram desktop clients for Windows, Mac, and Linux would uncover users' IP address, notwithstanding when the user was configured to protect this data.

Despite the fact that the program describes itself similar to a protected and private correspondence application, yet the researcher has demonstrated that in its default design it would permit a user's IP address to be leaked when making call.

The leak, happening just amid voice calls, happened notwithstanding when the "Peer-to-Peer" connection choice was set to "Nobody." A Peer-to-Peer connection isn't private by outline, as it directly exposes the two participants.

P2P Settings in Telegram for iOS

When utilizing Peer-to-Peer to begin Telegram calls, however, the IP address of the person you are conversing with will show up in the Telegram console logs. Not all forms incorporate a console log. For instance, Windows does not show a console log in their tests, while the Linux variant does.

The Telegram application indicates that users can keep their IP address from being disclosed by changing the setting as doing it will make the user's calls to be steered through Telegram's servers, which would then shroud the IP address, however at the expense of having a slight abatement in sound quality.

Dhiraj, the researcher even shared a Proof of Concept video to BleepingComputer that showed how the IP addresses were leaked. Where he explained about the 3 IP's that leak:

1. Telegram server IP (That's Ok)

2. Your own IP (Even that's okay too)

 3. End user IP (That's not okay)

IP address leak in Telegram console log

The issue since its revelation has been a matter of deep concern that was patched by telegram with the release of Telegram for Desktop v1.4.0 and v1.3.17 beta.

Nevertheless telegram clients who particularly utilize the application for its obscurity highlights are advised to update their desktop clients at the earliest opportunity to patch the bug that has the ability to very easily leak their IP address.