The vulnerability was used from March 2017, but is now closed. The affected machines were situated in Russia. Kaspersky Lab says it is in line with the recent trend of mining bots.
Researchers at Kaspersky Lab have detected vulnerability in the app Telegram for Windows OS, which has allowed hackers to covertly install malware on a victim’s computer and gain access to it. According to the lab, the software was later used either to spy on the infected PC or to use its power to mine cryptocurrency.
After installing the malware via a backdoor in Telegram, it acted covertly, receiving commands from the hackers using the Telegram API. Many infected computers were used to mine currencies such as Monero, Zcash, Fantomcoin. Kaspersky researchers say it is possible the backdoor could have been used to infect PC of specific people.
According to the lab’s data, all infected machines were located in Russia. The vulnerability in the Windows client of the program has now been fixed.
Since the cryptocurrency market began booming, the world has witnessed a rise in the number of viruses that use the resources of infected devices to mine Bitcoin and other digital currencies. One of the recent outbreaks of such viruses was detected in China, where over 7,000 Android devices were infected.