A zero-day vulnerability in the popular encrypted messaging app Telegram has subjected affected users to remote cryptomining for months, according to research released Tuesday by Kaspersky Lab.
Kaspersky found that the vulnerability has been exploited to mine cryptocurrency such as Monero, Zcash and Fantomcoin on a victim’s computer. In some cases, the zero-day was used to deploy spyware or remote control malware.
Firsh writes that Kaspersky doesn’t know exactly which versions of Telegram have been affected in the past, but that the exploitation in its Windows client has been going on since March 2017. All exploitation cases that Kaspersky detected occurred in Russia, which suggests that only Russian hackers have exploited the vulnerability.
“We informed the Telegram developers of the problem, and the vulnerability no longer occurs in Telegram’s products,” Firsh writes.
Telegram boasts more than 100 million active users, according to the company’s website, and is popular in the Middle East and Eastern Europe.