Telegram for Android reportedly had a zero-day vulnerability that was being targeted by attackers. This vulnerability, dubbed EvilVideo, allowed malicious actors and hackers to send malware disguised as video files, as per the report. It was detected by a cybersecurity research firm last month after a post about the exploit was found on the dark web. The poster was said to be selling the exploit and also showed a screenshot of its workings. Notably, Telegram released an update on July 11 patching the vulnerability after the cybersecurity firm notified it about the exploit.
EvilVideo Exploit Found in Telegram
According to a newsroom post by cybersecurity firm ESET, Telegram for Android had a zero-day vulnerability. A zero-day vulnerability is a security flaw that is unknown to the developer. The term is used because developers have “zero days” to patch the issue. This particular vulnerability was reportedly found by some malicious actors who were trying to sell it on the dark web.
“We found the exploit being advertised for sale on an underground forum. In the post, the seller shows screenshots and a video of testing the exploit in a public Telegram channel. We were able to identify the channel in question, with the exploit still available. That allowed us to get our hands on the payload and test it ourselves,” said ESET researcher Lukáš Štefanko, who discovered the exploit.
Dubbed EvilVideo, the exploit allowed hackers to deploy a malware payload as an Android Package (APK) within video files, based on the dark web post spotted by WeLiveSecurity. When played, Telegram reportedly would show a message that says “App was unable to play this video.” However, immediately afterwards, the hidden malware would send a request to allow apps from third-party sources so it could be installed, the publication revealed.
Since Telegram downloads videos by default, the researchers believe the payload could have been easily spread to a large number of users by planting it in large public groups.
However, ESET notified Telegram about the exploit on June 26, and reportedly, Telegram released an update on July 11, patching the vulnerability.
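Because the payload was an APK presented as a video file, a defender can compare what a downloaded file claims to be with what its bytes are. The Python sketch below is an added example, not code from ESET or Telegram; the function names, the extension list and the in-memory sample files are constructed for illustration.

```python
import io
import os
import zipfile

VIDEO_EXTENSIONS = {".mp4", ".m4v", ".mov", ".3gp", ".mkv", ".webm", ".avi"}


def build_sample_apk() -> bytes:
    """Constructed stand-in for an APK: a ZIP with the entries Android expects."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"constructed placeholder")
        zf.writestr("classes.dex", b"constructed placeholder")
    return buf.getvalue()


# Constructed 24-byte MP4 'ftyp' box, enough to look like a video header.
SAMPLE_MP4 = b"\x00\x00\x00\x18ftypisom\x00\x00\x00\x00isommp42"


def is_apk(data: bytes) -> bool:
    """True if the bytes parse as a ZIP archive containing AndroidManifest.xml."""
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return False
    try:
        with zipfile.ZipFile(buf) as zf:
            return "AndroidManifest.xml" in zf.namelist()
    except zipfile.BadZipFile:
        return False


def has_video_header(data: bytes) -> bool:
    """Recognise the container signatures of the listed video extensions."""
    return (data[4:8] == b"ftyp"                # MP4/MOV/3GP (ISO base media)
            or data[:4] == b"\x1a\x45\xdf\xa3"  # Matroska/WebM (EBML)
            or (data[:4] == b"RIFF" and data[8:12] == b"AVI "))


def classify(filename: str, data: bytes) -> str:
    """Compare the type implied by the file name with the actual content."""
    claims_video = os.path.splitext(filename)[1].lower() in VIDEO_EXTENSIONS
    # Checked first: the ZIP directory sits at the end of the file, so a
    # video-looking header alone does not rule out an archive.
    if is_apk(data):
        return "apk-disguised-as-video" if claims_video else "apk"
    if claims_video and not has_video_header(data):
        return "video-name-unrecognised-content"
    return "video" if claims_video else "other"
```

A result of `apk-disguised-as-video` or `video-name-unrecognised-content` is a reason to quarantine the file rather than open it.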