Information-stealing malware is spreading widely on Telegram, Cisco Talos says

Written by
Apr 14, 2022 | CYBERSCOOP

A new information stealer — dubbed “ZingoStealer” by the Cisco Talos researchers who identified the malware last month — is now being shared prolifically on Telegram by the Haskers Gang, a collective of cybercriminals.

The gang has been targeting Russian speakers and gamers, Nick Biasini, the head of outreach for Cisco Talos told CyberScoop. Victims think they’re receiving a file with game cheats, pirated software or some other useful item, but it’s the malware instead.

“The velocity of new samples that we’re seeing is starting to ramp up pretty quickly so it’s important that we get this information out so that the public is aware that there’s a new stealer out there that is increasing in distribution as we speak,” Biasini said.

ZingoStealer leverages Telegram chat features to “facilitate malware executable build delivery and data exfiltration,” the Cisco Talos research report said. The malware can grab credentials, steal cryptocurrency wallet information and mine cryptocurrency on victims’ systems.

The stealer is freely available on Telegram pages and doesn’t require advanced hacking skills to deploy, the researchers said.

Haskers Gang has been active since at least January 2020 and is

Read More: