Telegram Messenger. Sergei Konkov / Getty
If a file titled "article_in_wsj.jpg" looks like it might be an image file, criminals might be able to trick you into clicking a nasty link through the messaging app Telegram. A file-name processing glitch already being exploited in the wild makes it easy to make one file type seem like another.
In the wild: Researchers at Kaspersky Lab noticed that Telegram did not check whether a file name was being displayed with its file type reversed, and they found several instances of the issue dating back to March of last year. Their findings included cryptocurrency-mining malware and malware that opened backdoors into systems. The trick seemed to be popular among Russian criminals. Telegram has since patched the vulnerability.
How it works: To allow filenames in languages that read from right to left, Telegram recognizes a formatting marker called a right-to-left override (RLO) character. Any text after an RLO is displayed from right to left. Flip the right letters in "123gpj.js" and you get "123sj.jpg," turning a potentially malware-hiding JavaScript (.js) file into what looks like a JPEG image.