Hackers are leveraging the popular Telegram messaging app by embedding its code inside a remote access trojan (RAT) dubbed ToxicEye, new research has found. A victim’s computer infected with the ToxicEye malware is controlled via a hacker-operated Telegram messaging account.
The ToxicEye malware can take over file systems, install ransomware and leak data from victim’s PCs, according to researchers at Check Point Software Technologies.
Check Point said it tracked more than 130 cyberattacks in the last three months that leveraged ToxicEye, which was being managed by threat actors over Telegram. Attackers use the messaging service to communicate with their own server and exfiltrate data to it, according to a report published online Thursday.