Visit our new website: worldnews.easybranches.com

Critical Telegram flaw under attack disguised malware as benign images

  • Wed, 14 Feb 2018 16:46

Enlarge (credit: Kaspersky Lab)

Makers of the Telegram instant messenger have fixed a critical vulnerability that hackers were actively exploiting to install malware on users' computers, researchers said Tuesday.

The flaw, which resided in the Windows version of the messaging app, allowed attackers to disguise the names of attached files, researchers from security firm Kaspersky Lab said in a blog post. By using the text-formatting standard known as Unicode, attackers were able to cause characters in file names to appear from right to left, instead of the left-to-right order that's normal for most Western languages.

The technique worked by using the special Unicode formatting *U+202E* which causes text strings following it to be displayed from right to left. As a result, Telegram for Windows converted files with names such as "photo_high_regnp.js" to "photo_high_resj.png," giving the appearance they were benign image files rather than files that executed code.

Read 2 remaining paragraphs | Comments

Biz & IT – Ars Technica

Tags


US Weekly

Related Stories

Cryptocurrency-mining criminals that netted $3 million gear up for more
  • Tue, 20 Feb 2018 13:45

Enlarge / Money. (credit: AMC) Researchers have uncovered what they said is one of the biggest malicious currency mining operations ever, with more ...

Nigeria Boko Haram: Schoolgirls escape militant attack
  • Tue, 20 Feb 2018 12:27

Girls in north-eastern Nigeria manage to flee when the jihadists attack their school. BBC News - Africa

Google’s software can predict whether you’re at risk of a heart attack by looking at your eyes
  • Tue, 20 Feb 2018 10:27

By looking at the human eye, Google’s algorithms were able to predict whether someone had high blood pressure or was at risk of a heart attack o...

After Florida School Shooting, Russian ‘Bot’ Army Pounced
  • Tue, 20 Feb 2018 09:54

Twitter accounts suspected of having links to Russia were focused on Robert Mueller. But after news broke about the shooting, they quickly changed the...

Advertising: Google Chrome Now Blocks Irksome Ads. That’s a Good Thing, Right?
  • Tue, 20 Feb 2018 07:54

The brower’s latest update filters out pop-up ads and other annoyances. It also strengthens Google’s grip on the web. NYT > Technology

Why the iPhone Is Losing Out to Chinese Devices in Asia
  • Tue, 20 Feb 2018 06:56

(WSJ) The iPhone X has set a new benchmark for smartphone prices and bolstered Apple Inc.’s bottom line, but i...

Indonesia's Sinabung volcano unleashes towering ash column
  • Tue, 20 Feb 2018 03:53

Rumbling Mount Sinabung on the Indonesian island of Sumatra has shot billowing columns of ash more than 5,000 meters (16,400 feet) into the atmosphere...

Bitcoin Thieves Threaten Real Violence for Virtual Currencies
  • Tue, 20 Feb 2018 02:50

Criminals have been going after big holders of Bitcoin and Ether, taking advantage of the ease with which vast virtual currency riches can be transfer...

Barely disguised 2019 Toyota Supra spied in the snow
  • Tue, 20 Feb 2018 01:53

Filed under: Spy Photos,Toyota,Coupe,Performance We get a good look at the tail end.Continue reading Barely disguised 2019 Toyot...

Molly wants to use your online presence to create an automated knowledge base
  • Tue, 20 Feb 2018 01:49

 Isn’t it frustrating when you ask a friend a question knowing that these specific answers are certainly already accessible on social media...

Kidtech startup SuperAwesome is now valued at $100+ million and profitable
  • Tue, 20 Feb 2018 00:51

 Technology companies like Facebook and Google are scrambling to catch up to the fact that the kids have joined a web originally built for adults...

Residential solar is cheap, but can it get cheaper? Paths to $0.05 per kWh
  • Mon, 19 Feb 2018 23:48

Tesla smooth black glass solar roof tiles. (credit: Tesla) The price of solar panels has fallen far and fast. But the Energy Department (DOE) wants...


News Categories