Feb 13, 2018

Text processing glitch cleared way for hackers on chat app Telegram

Joe Uchill

Telegram Messanger. Sergei Konkov / Getty

If a file titled "article_in_wsj.jpg" looks like a it might be an image file, criminals might be able to trick you into clicking a nasty link through the messaging app, Telegram. A file name processing glitch already being exploited in the wild makes it easy to make one file type seem like another.

In the wild: Researchers at the Kaspersky Lab noticed that Telegram did not check to make sure the app does not reverse the file type and found several instances of the issue dating back to March of last year. Their findings included cryptocurrency mining malware and opening backdoors into systems. The trick seemed to be popular for Russian criminals. Telegram has since patched the vulnerability.

How it works : To allow filenames in languages that read from right to left, Telegram recognizes a formatting marker called a right-to-left override (RLO) character. Any text after a RLO is displayed from right to left. Flip the right letters in "123gpj.js" and you get "1234sj.jpg," turning an potentially malware-hiding javascript (.js) file into what looks like an jpeg image.

Go deeper

Stef W. Kight

Federal court temporarily halts "Remain in Mexico" program

Migrant wearing a cap with U.S. flagin front of the border between Guatemala and Mexico. Photo: Jair Cabrera Torres/picture alliance via Getty Image

The 9th Circuit Court of Appeals upheld a lower court's earlier injunction on Friday, temporarily stopping the Trump administration from enforcing the Migrant Protection Protocols (MPP) — known as the "Remain in Mexico" policy.

Why it matters: Tens of thousands of migrants seeking asylum have been forced to wait out their U.S. immigration court cases across the border in Mexico under the policy. The Trump administration has long credited this program for the decline in border crossings following record highs last summer.

Go deeperArrowUpdated 2 hours ago - Politics & Policy
Axios

Coronavirus updates: WHO raises global threat level to "very high"

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

The World Health Organization raised its global risk assessment for the novel coronavirus to "very high" Friday, its highest risk level as countries struggle to contain it. Meanwhile, National Economic Council director Larry Kudlow this morning tried to reassure the markets, which continued to correct amid growing fears of a U.S. recession.

The big picture: COVID-19 has killed more than 2,860 people and infected about 83,800 others in almost 60 countries and territories outside the epicenter in mainland China. The number of new cases reported outside China now exceed those inside the country.

Go deeperArrowUpdated 3 hours ago - Health
Dan Primack

Bernie's plan to hike taxes on some startup employees

Illustration: Sarah Grillo/Axios

Sens. Bernie Sanders (D-VT) and Chris Van Hollen (D-MD) introduced legislation that would tax nonqualified stock options at vesting, rather than at exercise, for employees making at least $130,000 per year.

The big picture: Select employees at private companies would be taxed on monies that they hadn't yet banked.

Go deeperArrow3 hours ago - Politics & Policy