Since LINE @ 2.0 changed its charging plan, many users, groups, and media outlets have switched to Telegram. Because there is no official Chinese version of Telegram, it has become a target for attackers. This session will introduce an attack that lured Chinese speakers into downloading a Telegram installer bundled with a Trojan. We will see how the attackers actively improved their attack techniques within a short time, and how they used various tricks to avoid detection and to make it hard for users to identify the Trojan's genuine functions.
Theo Chen currently works at Talent-Jump Technologies, mainly engaged in penetration testing, malware analysis, and threat hunting. He co-published the "Operation DRBControl" incident investigation and analysis report with Trend Micro in February 2020.