Telegram Exploit Used to Mine Monero and Zcash

Hackers used right-to-left override to mine crypto using victims computer and to install spyware
14 February 2018   368

Kaspersky Lab specialists discovered a breach in the Telegram client for Windows, which hackers used to mine cryptocurrency and install spyware since March 2017. Victims of intruders could be up to 1 thousand people, according to Kommersant.

According to experts, the vulnerability was to use an attack RLO (right-to-left override), through which attackers changed the order of characters in the name and file extension. Thus, the victim downloaded malicious software under the guise of, for example, images, and launched it themselves, unaware that it was an executable file. This allowed cybercriminals to gain remote access to victims' computers and use their computing capabilities to mine Monero, Zcash, Fantomcoin and others.

In addition, hackers installed spyware on computers. So, on the servers of cybercriminals, analysts found archives with the local cache of Telegram, which the criminals pumped out from the victims devices. Each of them, among other things, contained in various user materials in encrypted form: documents, audio and video recordings, photographs.

The detected artifacts allow us to suggest the Russian origin of the criminals. Some lines in the malicious code were in Russian, and in the "lit" email addresses of intruders appeared Russian words and names.

Alexey Firsh
Kaspersky Lab

All cases of hacker attacks were recorded in Russia and only with a client for Windows. At the same time, Kaspersky Lab's specialists do not exclude that other platforms were exposed to vulnerabilities.

Currently, Telegram instant messenger developers are notified of the problem, the vulnerability is already closed.

Bitmain to Present Antminer B3 for Bytom

Device will be available for purchase in the beginning of May
25 April 2018   86

Biggest minning equipment manufacturer, Bitmain, represented Antminer B3. The device is designed for Bytom cryptocurrency mining.

Antminer B3
Antminer B3

These are maint Antimer B3 parameters:

  • Total quantity of hash chips 12 PCS
  • Total quantity of hash boards 3 boards per miner
  • Total hash rate 780 H/s ±5%
  • DC voltage input 11.60~13.00 V
  • DC current input @12V DC input @25℃ 27.33 A ±7%
  • DC Power @12V DC input @25℃ 328 W ±7%
  • 220VAC Power @25℃ ,93% conversion efficiency of APW3++ 360 W ±7%
  • 220VAC Power @40℃ ,93% conversion efficiency of APW3++ 373 W ±7%
  • 220VAC Power efficiency @25℃ ,93% conversion efficiency of APW3++ 0.46 J/H ±7%
  • 220VAC Power efficiency @40℃ ,93% conversion efficiency of APW3++0.468 J/H ±7%
  • Operation temperature 0-40 ℃
  • Storage temperature -40-85 ℃
  • Operation humidity 5%RH-95%RH,prevent condensation

The shipments will start in early May. The cost is $ 2453. The model is released in the amount of 2500 miners. The sale of more than one device in one hand is prohibited.