Telegram has a reputation for high-end privacy and security, but that doesn’t make it immune to breaches. Security researcher Dhiraj Mishra discovered that Telegram’s desktop version was leaking both public and private IP addresses whenever users made voice calls to its peer-to-peer framework.
While the mobile app offers the option to turn off peer-to-peer calls and keep the information intact, the desktop version offered no such choice. This could open the users to attack or reveal their exact location. Telegram has fixed the issue in both the 1.3.17 beta and 1.4 versions by offering an option to disable peer-to-peer calling entirely or limit it to their contacts. Mishra received a €2,000 (about $2,300) bounty for the find.
Many apps in the past have fallen prey to such issues. Besides, the mining of cryptocurrencies is a lucrative business. But why shell out hefty sums to buy this mining equipment when you can hijack other people’s mobiles and computers to do the same for you? Now that’s what the hackers are up to. According to Malwarebytes, hackers managed to breach the security barrier of millions of Android phones through malicious ad redirect scam. The exact method is yet to be determined, but it seems the users downloaded the malicious apps that redirected them to a website. The website directly prompted that it was using the infected device to mine the cryptocurrency, and would only stop if the user enters a valid CAPTCHA code. The average of time spent by users on this malicious site was around four minutes, but the site had over 30 million visitors per month. If we add the numbers, it is evident that the hackers have mined a huge crypto amount. A report said that since its first appearance in December 2015, the SamSam ransomware has raked in almost $6 million by targeting organizations and individuals around the world, including those in India. According to the 47-page report, 74 percent of the known victims are based in the United States. Other regions known to have suffered attacks include Canada, the U.K., and the Middle East, with India ranking sixth among the top victim countries across the world.