Harvest Credentials News Today : Breaking News, Live Updates & Top Stories | Vimarsana
FatalRAT Exploits Telegram to Deliver Malicious Links
bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
FatalRAT Exploits Telegram to Deliver Malicious Links
govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Credentials are posted to the Telegram API and the user is redirected. (Source: Cofense)
A recently discovered phishing campaign attempted to steal victims credentials by abusing the Telegram messaging app s API to create malicious domains that help bypass security tools such as secure email gateways, according to researchers at security firm Cofense.
This particular phishing attack appeared active in mid-December 2020 and has since stopped. The targets of these malicious emails mainly worked in the U.K. financial services sector, Cofense notes.
While the Telegram application offers secure, encrypted communication channels for its users, the Cofense report notes that the service also offers API options that can allow users to create programs that use the app s messages for an interface. In this case, the fraudsters used the APIs to create realistic-looking phishing domains that bypassed security tools.