Adversaries are increasingly abusing Telegram as a “command-and-control” system to distribute malware into organizations that could then be used to capture sensitive information from targeted systems.
“Even when Telegram is not installed or being used, the system allows hackers to send malicious commands and operations remotely via the instant messaging app,” said researchers from cybersecurity firm Check Point, who have identified no fewer than 130 attacks over the past three months that make use of a new multi-functional remote access trojan (RAT) called “ToxicEye.”
