Researchers find Telegram bot chatter is actually Windows malware commands
Quote: Decrypted Telegram bot chatter was found to actually be a new Windows malware, dubbed GoodSender, which uses the messenger platform to listen and wait for commands.

Forcepoint researchers discovered what they described as a “fairly simple” year-old malware that creates a new administrator account that enables remote desktop once it infects a victim’s device.

The attacker then uses Telegram to communicate with the malware and send HTTPS-protected instructions.

The malware also revealed a vulnerability in Telegram’s Bot API. Because the messages were sent by Telegram Bot API, and not between regular users, anyone knowing a few key pieces of information can snoop on the bot chatter and even recover full messaging histories of the target bot. Regular users’ messages are also protected with in-house MTProto encryption.

Source: https://www.scmagazine.com/home/security...-commands/

Report by Forcepoint: https://www.forcepoint.com/blog/security...egram-bots