Hackers attacked Telegram channels via video on Yandex
On November 10, hackers conducted a major attack on popular Telegram channels. Reddit's administrators completely lost access to the channel, which had 236 thousand subscribers. The attackers used an old scheme: they simply sent a Trojan-infected file to the administrators.
Hackers stole the Telegram channel of the Reddit forum, and its administrators could not log in to the control panel. The Telegram channel Baza was also attacked, but the attackers failed to gain access to it.
The scheme worked as follows: the hackers offered to buy advertising space, but first asked the administrators to watch a video with their materials, which could be downloaded from Yandex.Disk. The file could not be opened on a mobile device, so the hackers suggested downloading it to a desktop computer.
After launching the file, the owner of the Reddit channel with 236 thousand subscribers was no longer able to access it.
Artem Geller, General Director of the lab Studio.AG, explained that this is a very old method of fraud and that Windows is the target of such files. Under various pretexts, hackers send material containing malware, which gives access to the entire operating system if the victim opens the file. In this particular case, the attackers were interested in Telegram, so the Reddit account was stolen.
Yandex.Disk cannot be blamed for missing the Trojan. According to Geller, about 300,000 new viruses appear in the world every day, so it is simply impossible to catch them all. Moreover, it may not be a new virus but a modification of an old one. At the same time, the Trojan is not designed to destroy the computer system.
Cloud storage is convenient for fraudsters because, unlike email, it lets them upload a file of any size. Unprotected, unencrypted files without passwords are uploaded to these storage services.
According to information security expert Alexander Vlasov, one thing must be remembered: those who provide a service for free never commit to protecting your files. Yes, they try to track malware, but within the general framework of their ecosystem.