A new Telegram malware, dubbed Echelon, has been created. It joins crypto-focused groups to steal account credentials and crypto wallets, according to SafeGuard.
According to the report, the malware was distributed on Telegram by a user called “Smokes Night,” who drops infected files into chat rooms and leaves no comment.
SafeGuard explained that the Echelon sample it analysed targets credentials and crypto wallets and also has fingerprinting capabilities. This allows attackers to access victims’ crypto assets.
The malware can also steal credentials from various messaging, File Transfer Protocol (FTP) and Virtual Private Network (VPN) platforms. These could be used to launch social engineering attacks in the future.
However, users can make some simple adjustments to increase security.
They should first disable automatic media downloading and activate privacy settings, such as limiting certain options to contacts only.
They should also never download unknown third-party files shared via messaging or social media platforms.
Telegram, a cross-platform messaging app, is popular among crypto communities for its privacy and encryption features. It also supports large groups and has no ties to Meta’s social media apps, such as Facebook Messenger and Instagram.
Last week, Monkey Kingdom, a Solana-based non-fungible token (NFT) project, saw its investors robbed. A cyber thief had hacked the project’s official Discord server and posted a phishing link.