Telegram Zero-Day Vulnerability

  • Security researchers have discovered a zero-day vulnerability in the Telegram Android app that allows malware to be distributed by hiding it in multimedia files.
  • Telegram has patched the EvilVideo vulnerability in newer app versions starting from 10.14.5.

Security researchers at ESET have discovered a zero-day vulnerability, dubbed EvilVideo, in Telegram’s Android app. The flaw allows attackers to disguise malicious files as multimedia files. According to ESET, the exploit was put on sale in an online forum in June 2024. Following the research team’s disclosure, Telegram patched the flaw in its 10.14.5 version, released on July 11.

How the Flaw Works

According to the research team, threat actors could distribute malware via Telegram channels, groups, and chats by making it appear as video files; the malware is installed on the device once the user clicks on the file.

The malicious payloads are created using the Telegram API, which allows programmatic uploads of multimedia content to channels and chats. This disguises the malicious APK file as a 30-second video. However, this exploit does not work on the Web or Windows applications.

If a Telegram user clicks on the video, a warning message pops up, stating that the video cannot be played on Telegram and should be opened on an external player. If the user complies, they are then prompted to allow the installation of an APK file via Telegram. Further, users who have enabled media files to be automatically downloaded on Telegram download the malicious files just by opening the chat or channel where the file has been shared.
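A defensive check for the disguise described above, as an added example that is not code from ESET or Telegram: it flags content presented as a video whose bytes are actually an Android package. The function names, the declared MIME type input, and the sample bytes are assumptions constructed for illustration.

```python
import io
import zipfile

VIDEO_EXTS = (".mp4", ".m4v", ".mov", ".3gp", ".mkv", ".webm")

def sniff(data: bytes) -> str:
    """Classify content by its bytes, ignoring file name and declared type."""
    buf = io.BytesIO(data)
    # ZIP is located from the end of the file, so test it first: a video
    # header with an archive appended must still be treated as an archive.
    if zipfile.is_zipfile(buf):
        try:
            with zipfile.ZipFile(buf) as zf:
                names = set(zf.namelist())
        except zipfile.BadZipFile:
            return "unknown"
        # An APK is a ZIP archive that carries an AndroidManifest.xml entry.
        return "apk" if "AndroidManifest.xml" in names else "zip"
    if data[4:8] == b"ftyp":             # ISO base media (MP4, MOV, 3GP)
        return "video"
    if data[:4] == b"\x1a\x45\xdf\xa3":  # EBML header (Matroska, WebM)
        return "video"
    return "unknown"

def is_disguised_apk(name: str, declared_mime: str, data: bytes) -> bool:
    """True when something presented as video is really an APK."""
    claims_video = (declared_mime.startswith("video/")
                    or name.lower().endswith(VIDEO_EXTS))
    return claims_video and sniff(data) == "apk"

def constructed_apk() -> bytes:
    """Constructed sample: a minimal ZIP with APK-style entry names."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"constructed placeholder")
        zf.writestr("classes.dex", b"constructed placeholder")
    return out.getvalue()

# Constructed sample: the first bytes of an MP4 'ftyp' box, padded with zeros.
CONSTRUCTED_MP4 = b"\x00\x00\x00\x18ftypisom" + b"\x00" * 32

if __name__ == "__main__":
    print(is_disguised_apk("clip.mp4", "video/mp4", constructed_apk()))
    print(is_disguised_apk("clip.mp4", "video/mp4", CONSTRUCTED_MP4))
```

Such a check fits on a mail or file gateway, or in triage of a device's downloaded media, where the presented type and the raw bytes are both available.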

Threats on Telegram

While Telegram is widely touted as a secure messaging application, cybercriminals have increasingly used the platform for illegitimate monetary schemes. This includes promoting fake app stores, distributing GitHub repositories holding info stealer malware such as Lumma Stealer, and spreading various trojans.

Telegram announced a patch for the EvilVideo exploit through a server-side fix on July 9 and urged users to update their apps to the latest version. Google also issued a statement that Android users were secured against such threats via Google Play Protect, which warns users and blocks potentially harmful apps from entering devices. However, to mitigate such risks, users should be careful when downloading apps in ways that purposefully bypass security measures.