A large malicious campaign promotes fake WhatsApp and Telegram sites to infect Android and Windows devices.
Researchers from cybersecurity firm ESET have identified dozens of websites posing as the two instant messaging services.
Crypto wallets in the sights
These copies offer to download or use a fake WhatsApp or Telegram application, usually on Android and Windows operating systems. Most of these applications host clipper-type malware, capable of stealing or modifying the contents of the clipboard.
Another feature of the malware in question is the use of optical character recognition, which makes it possible to interpret the text of screenshots saved locally on its terminal. This ability allows it to steal credentials appearing on a screenshot, a technique (extremely insecure and which we do not recommend) used by some users to keep their login information at hand.
The main objective of this campaign is to target victims’ cryptocurrency wallets. Some versions of the malware manage to modify the address of a crypto wallet, which they were able to access by recovering the recovery phrases stored on the mobile via screenshots.
Sites promoted by YouTube videos and Google Ads
On Windows, variants of the attack involve using a Trojan horse to gain remote access to the device and steal cryptocurrencies stored in wallets installed on the machine.
Another type of malware will spy on Telegram conversations to spot messages relating to cryptocurrency. When a keyword is recognized by the malicious script, it will send the full message in which it appears to the hackers’ server, who then hope to obtain identifiers.
Fake WhatsApp and Telegram sites are distributed by scam YouTube channels that redirect users to these copies. The videos are themselves highlighted on search engines thanks to Google Ads. The main targets seem for the moment to be Chinese, but caution is called for: Europe is not immune to an attack of this kind.
Download
- Social functions.
- Many customization options.
- Video calls to 30 participants.
Telegram ranks high among instant messaging apps. Its availability on a large number of platforms, the encryption of data exchanged and its group chat features make it an application that stands out from the rest.
Telegram ranks high among instant messaging apps. Its availability on a large number of platforms, the encryption of data exchanged and its group chat features make it an application that stands out from the rest.
Source : TheHackerNews
0