Taking advantage of Telegram’s auto-download feature, a malicious malware on the Internet is trying to steal money in users’ decentralized E-wallets.
While blockchain technology and cryptocurrencies are growing in popularity, they have also become a prime target for cybercriminals in recent years because of their lucrative profit potentials.
Most recently, cybersecurity experts have discovered that many malicious attackers are actively using Echelon malware to make use of Telegram’s auto-downloading built-in function. More dangerous, this malware’s code has been tweaked to invade users’ data and privacy on mobile phones or computers.
This malware is said to be especially dangerous for Telegram users who have the auto-download feature enabled on this messaging application. Once the infected file is downloaded, the malware will automatically be installed to the device without users’ knowledge.
Besides, the malware can steal the information even if a Telegram user does not launch or close any applications. It can do so just by accessing the activity history or taking a screenshot on the computer.
This malware is called “Smokes Night”, which experts warn individuals to be especially careful of. In particular, “Smokes Night” can steal information from people’s decentralized cryptocurrency wallets (including non-custodial wallets – wallets where customers have to keep the encryption key themselves instead of relying on cryptocurrency exchanges).
Recently, security firm SafeGuard Cyber found out that this malware was posted in a Telegram channel specializing in cryptocurrencies, in order to steal user account information.
Better yet, users are advised to turn off Telegram’s auto-download option to protect themselves from having their E-wallets’ information being taken by the hackers.
To disable Telegram’s auto-download feature on your phone: go to Settings -> Data & Storage -> Automatic Media Download -> Disabled All.
On the computer: go to Settings -> Advanced -> Automatic Media Download -> Private chats, groups, channels -> Files -> Disabled.
Cryptocurrency theft – an increasing trend
According to a report by Atlas VPN, in the third quarter of 2021 alone, more than 1 billion USD of cryptocurrency was stolen by hackers worldwide. In total, there were 146 hacking and phishing attacks reported in the first three quarters of 2021, representing a 20% increase over the same period in 2020 when only 122 attacks were reported.
In particular, between Q1 and Q3 of 2021, Americans lost about $3.5 million per day related to cyberattacks amid growing interest in cryptocurrencies.