CyberNews Briefs

Telegram Abused to Steal Crypto-Wallet Credentials

Attackers are leveraging the Telegram messaging platform to target users' crypto-wallets. The attackers behind the campaign are using the Echelon information stealer in an effort to defraud new or unsuspecting users of a cryptocurrency discussion channel on the platform. They are using the Telegram handle “Smokes Night” to spread the infostealer. Security researchers at SafeGuard Cyber’s Division Seven threat analysis unit initially discovered a sample of Echelon posted to a Telegram channel focused primarily on cryptocurrency in October, according to an analysis released on Thursday.

The Echelon infostealer aims to steal credentials from multiple messaging and file-sharing platforms, including Discord, Edge, FileZilla, OpenVPN, Outlook, Telegram itself, and others. Echelon also seeks to obtain credentials from several different cryptocurrency wallets, including AtomicWallet, BitcoinCore, ByteCoin, Exodus, Jaxx, and Monero. Researchers at SafeGuard Cyber believe that the campaign is not coordinated or sophisticated, and that it is instead choosing victims based on their supposed level of knowledge of cryptocurrency and when they joined the channel.

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.