Purple Fox malware distributed via malicious Telegram installers

A malicious Telegram for Desktop installer distributes the Purple Fox malware to install further malicious payloads on infected devices.

The installer is a compiled AutoIt script named “Telegram Desktop.exe” that drops two files: an actual Telegram installer and a malicious downloader.

While the legitimate Telegram installer dropped alongside the downloader isn’t executed, the AutoIt program does run the downloader (TextInputh.exe).

