TELEGRAM Virus Ransomware TELEGRAM mean a ransomware-type infection. The virus comes from the NEFILIM ransomware…
Let me remind you that we also wrote that Implant FinSpy was able to read even the protected chat rooms in Telegram and WhatsApp.
The first messages about the deactivation of Premium subscriptions obtained by fraud began to appear on the evening of October 31, although no official comments were received from the messenger team.
The Durov Code publication conducted its own investigation of the incident, and said that last summer three Moscow schoolchildren (known by their nicknames Martov, Munfizy and Filya) discovered a vulnerability in Telegram, thanks to which a paid subscription could be obtained for free.
It all started with a bug that Martov discovered: at the moment of buying a gift on an iPhone with a jailbreak (and a tweak from Cydia – LocalIAPStore installed), he pressed the “Cancel” button, after which the action was canceled, but the Premium gift subscription was activated anyway.
As a result, friends decided to capitalize the discovered vulnerability, namely, to resell the Premium subscriptions obtained in this way. After all, all it took was a jailbroken iPhone and App Store gift cards.
Initially, friends were going to work together. Each had to buy three jailbreakable iPhones, as well as three $15, $25, and $45 App Store gift cards. This should have been enough to “gift” subscriptions for 3, 6 and 12 months, respectively. As Munfizy told reporters, this made it possible to sell subscriptions at a 50% discount from the official price list. According to Munfizy, word-of-mouth did the rest, and didn’t even have to buy advertising—sales were already growing at a tremendous rate.
However, soon the friends realized that they could no longer work together and split into two teams: Munfizy and Filya continued to work together, and Martov went “on a free voyage”. At first, they managed to agree on uniform prices, but both teams actively expanded, hiring more and more employees (initially they were mostly their friends and acquaintances). According to the publication, the increase in the number of people involved in this scheme that led to its collapse.
Not surprisingly, many “employees” quickly came to the conclusion that they themselves could do just as well, and it would not be necessary to share profits with anyone. As a result, according to Munfizy, there were soon more than 25 such “companies” on the market offering premium subscriptions at a similar price. All of them exploited the same bug and worked according to the scheme originally invented by friends. “Someone bought it, and someone got it for free at all – out of friendship,” Munfizy explained.
Soon, new competitors began to lower prices in an attempt to attract users, and at some point, the cost of a Premium subscription on the black market fell by almost 10 times. That is, it got to the point that the annual subscription, bought from fraudsters, cost two times cheaper than the official Premium subscription for a month.
This state of affairs led to a quarrel between friends, as a result of which the scheme was first sold to the side for $5,000. Martov told Durov’s Code that he personally did not sell information about the scheme until recently. According to him, he did it only last week – the buyers were two users from China who paid $500 and $700.
Interestingly, one of the three discoverers of the bug, on condition of anonymity, disclosed to journalists his income from its exploitation. He claims that he managed to earn about $ 80,000, and the publication confirms this, as statements from his personal account were seen in the editorial office.
When friends were asked if they had thought to immediately report the vulnerability to the developers of the messenger and, probably, receive a reward for discovering the problem, they replied that they wanted to earn money and doubted that they would receive any payment from Telegram.
However, after all the controversy, quarrels and hard price dumping, Munfizy decided to make the scheme publicly available, as well as transfer the data to the Telegram team with an explanation of how to fix the bug that happened on October 29, 2022.
In a conversation with Code Durov, a source close to Telegram confirmed that the described vulnerability really existed and was closed. Moreover, according to him, the developers managed to identify users with such subscriptions, after which they began to turn off Telegram Premium.
Chernars.com is a domain that tries to force you into subscribing to its browser notifications…
Eclipse-adblocker.pro is a site that tries to trick you into clik to its browser notifications…
Initiateadvancedcompletelythe-file.top is a site that tries to force you into subscribing to its browser notifications…
Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…
Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…
Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…