A malware called Elcheron, detected by SafeGuard Cyber, is being distributed in Telegram groups linked to cryptocurrencies and its focus is on stealing credentials from applications and also from wallets.
Today Telegram is one of the preferred messengers of the cryptocurrency community due to features not found in competing applications. However, with so many groups and channels about cryptocurrencies, it can be a plateful for hackers.
Despite this, some quick settings can improve your security significantly. The most important one is disable automatic media download, in addition, other privacy settings can also help.
Malware on Telegram wants your cryptocurrencies
Like the malware found in the pirated Windows activator, the malware being distributed in Telegram groups has the same focus: gaining access to sensitive data that could allow hackers to steal cryptocurrencies.
The malware’s main objective is to steal credentials and data from cryptocurrency wallets, allowing the attacker to gain access to victims’ money. According to a SafeGuard Cyber report, the wallets that malware targets are as follows:
In addition, Elcheron also tries to gain access to other applications like messengers and FTP and VPN platforms like Discord, Edge, FileZilla, NordVPN, OpenVPN, Outlook, Pidgin, ProtonVPN, Psi (Jabber), Telegram itself and TotalCommander. Several such applications, such as Discord, are often constant targets of such attacks.
While it sounds less harmful in this last part, it’s worth remembering that some stolen data can lead to social engineering attacks, resulting in equal or even greater losses for victims.
How to protect yourself from this malware
As users of cryptocurrencies need to participate in groups related to the topic to obtain information about the market, this seems to be the main target of attackers.
The best tip to protect yourself from this and other malware is to disable automatic file download by opening the menu and going to settings, then in data and storage e disable the three automatic media download options. And, of course, never download third-party files onto your devices without proper verification, important practice.
Furthermore, it is also recommended to review your privacy settings. This way, by limiting certain options to just your contacts, you also decrease the chances of being the target of attacks aimed at stealing your cryptocurrencies.
As the Telegram announced its cryptocurrency in previous years and its CEO has praised the project in recent days, criminals must focus on robbing exposed industry communities.