"Information-Stealing Malware Is Spreading Widely on Telegram, Cisco Talos Says"

The new information-stealing malware that Cisco Talos researchers identified last month, which they have dubbed ZingoStealer, is now being shared on Telegram by a collective of cybercriminals called Haskers Gang. They have been targeting Russian speakers and gamers. Those who have fallen victim to the gang thought they were receiving a file containing game cheats, pirated software, or other useful item, but it was ZingoStealer instead. According to the Cisco Talos researchers, ZingoStealer uses Telegram's chat features to facilitate malware delivery and the exfiltration of data. The malware is capable of stealing credentials and cryptocurrency wallet information. It can also mine cryptocurrency on victims' machines. The researchers highlighted that ZingoStealer is freely available on Telegram and its deployment does not require hackers to be highly skilled. They also found that ZingoStealer delivers additional malware such as RedLine Stealer and XMRig cryptocurrency mining malware. RedLine Stealer is similar to ZingoStealer but offers support for stealing data from more applications and browser extensions. XMRig is a cryptocurrency mining client that uses victims' computing resources to mine Monero. This article continues to discuss the capabilities and distribution of ZingoStealer on Telegram. 

CyberScoop reports "Information-Stealing Malware Is Spreading Widely on Telegram, Cisco Talos Says"