Telegrab: Russian malware hijacks Telegram sessions

Researchers have discovered and analyzed an unusual piece of malware that, among other things, seeks to collect cache and key files from end-to-end encrypted instant messaging service Telegram.

Cisco Talos researchers Vitor Ventura and Azim Khodjibaev dubbed the malware Telegrab. They analyzed two versions of it. The first one, discovered on April 4, 2018, only stole browser credentials, cookies, and all text files it can find on the system. The second one, spotted less than a week later, is also capable of collecting Telegram’s desktop cache and key files and login information for the Steam website.

Read more about the newly discovered Telegrab malware on Help Net Security.

Track the strategic threats to your business with the Threat Brief, delivered to your email daily.

Subscribe Here