By using a hidden character in the feature that reversed the order of the characters, the attackers could rename a file, triggering the installation of the malware. Examples of the malicious software were only found in Russia, Kaspersky said.
Kaspersky Lab said clues found in the code indicate connections to Russian cybercriminals. It said such messaging app vulnerabilities are not unique to Telegram, noting that last month it had found a way for hackers to steal WhatsApp messages.