According to a research by Check Point Software Technologies, the malware analyst named Omer Hofman has indicated that Telegram is becoming a hub for threat actor’s activity. Even whatsapp has brought new policies and settings to control those illicit activities in its platform. Since Telegram now become a competitor to Whatsapp, it’s gain a huge popularity as well, and where’s the popularity, the chances of danger also increases.
Based on the researches, Telegram is being used as a command and control system for spreading digital weapons. As per the Check Point Research, a remote access trojan named ToxicEye is noticed that has crop up over 130 attacks within just three months.
The aforementioned remote access trojan ToxicEye is being spread through a .exe file which is distributed through phishing emails. Although, phishing emails is a very old technique, still it’s being widely used to distribute and install ToxicEye on targeted machines. Once the infection is inside, it starts to steal data, deletes processes, hijack computer’s microphone or camera, and even encrypt the stored files to demand a hefty ransom fee.
This malware is actually being monitored by hackers through Telegram, under which the communication is held through C&C server. Also, the malware use to dump its stolen data on same server. Although, there can be various specific reasons why xyz is popular amongst bad actors, a user should always be preventive against any traits while dealing with them on Telegram.