Telegram is very well known for its security. A bunch of Security Researchers released a malware which can be used to steal the session of any Telegram user. This exploits works only with Windows version of telegram.
As per the developers of Teleshadow Malware Telegram stores the session details in ‘ C:\Users\YourName\AppData\Roaming\Telegram Desktop\tdata ‘ directory and this is not a good practice. Using Teleshadow the hackers can send the session details to a a third party using Email and this can be used for session Hijacking.
The tool is in its Beta phase and is released through KitPloit and GitHub
— ☣ The Hacker Tools (@KitPloit) October 2, 2017
By exploiting the same an attacker can :
- Bypass Two-step confirmation
- Bypass Inherent identity and need 5-digit verification code
The developers told seckurity that they contacted Telegram and they failed to provide an update. Hope telegram will fix this issue in the coming days as this is a very serious security issue.
DISCLAIMER : We never tested the malware to confirm the authenticity & we are not responsible for any consequences. If you want to test, test it in you own risk