Telegram is a constantly growing instant messaging service with client apps available for mobile and desktop platforms, including iOS, Android, macOS, Linux, and Windows.
However, an active malvertising campaign seems to be targeting the Telegram desktop client for Windows.
The information comes from Jannis Kirschner, a Swiss security researcher, who came across the campaign while searching for the desktop app on Google.
As per Kirschner’s analysis, several Google results for the Telegram Windows client were part of the malware campaign.
The three fake sites, telegramdesktop.org, telegramdesktop.com, and telegramdesktop.net, served malware instead of the expected Windows binary files.
All three links have now been archived by Kirschner’s team, and their analysis led them to the origin.
This was possible because of numerous OpSec errors the perpetrators made while setting up the fake Telegram malware campaign.
The vulnerability researcher also outlined the second stage of the attack, in which a common info stealer, AZORult, gets installed on the target machine.
It is good to see that measures to pull down the fake Telegram Windows client links have already been taken.
Nevertheless, the perpetrators are still out there and are probably devising a new attack strategy.
So, it is always better to keep an eye on the finer details while visiting popular sites or downloading popular apps, as these are the most common targets for such malpractices.