Scammers are using Telegram channels dedicated to finance and trading to spread the DarkMe malware, which steals user information.
Hackers add archives containing malicious files with .lnk, .com, and .cmd extensions to Telegram posts. Once a user opens them, the DarkMe virus enters their device. With its help, attackers can remotely control the victim's device and steal personal data.
Kaspersky Lab specialists noted that downloading files from applications like Telegram may be perceived by users as a less risky action than downloading from the Internet. But this is not the case.
Earlier, a new scam scheme appeared in Telegram under the guise of "security tips". Users receive notifications that their account may be blocked due to suspicious activity. The notification contains a link allegedly to the "system center", which you need to follow.
Hackers have also learned to send viruses under the guise of photographs in Telegram. Attackers send a file with the apk extension and ask a tricky question: "Is this you in the photo?" When a person downloads an image to view it, a malicious program enters their device.
Read materials on the topic:
Scammers are again looking for easy money: a new way of deception was invented in Telegram
They took up Telegram: scammers came up with a new scheme for stealing accounts in the messenger
Scammers have become active again: Roskachestvo warned about a new way of deception in Telegram
