Telegram for Android reportedly had a zero-day vulnerability that was being targeted by attackers. This vulnerability, dubbed EvilVideo, allowed malicious actors and hackers to send malware disguised as video files, as per the report. It was detected by a cybersecurity research firm last month after a post about the exploit was found on the dark web. The poster was said to be selling the exploit and also showed a screenshot of its workings. Notably, Telegram released an update on July 11 patching the vulnerability after the cybersecurity firm notified it about the exploit.
EvilVideo Exploit Found in Telegram
According to a newsroom post by cybersecurity firm Eset, Telegram for Android had a zero-day vulnerability. A zero-day vulnerability is a security flaw which is unknown to the developer. The term is used since developers have “zero days” to patch the issue. This particular vulnerability was reportedly found by some malicious actors who were trying to sell it on the dark web.
“We found the exploit being advertised for sale on an underground forum. In the post, the seller shows screenshots and a video of testing the exploit in a public Telegram channel. We were able to identify the channel in question, with the exploit still available. That allowed us to get our hands on the payload and test it ourselves,” said ESET researcher Lukáš Štefanko, who discovered the exploit.
Dubbed EvilVideo, the exploit allowed hackers to deploy a malware payload as an Android Package (APK) within the video files, based on the dark web post spotted by Welivesecurity. When played, Telegram reportedly would show a message that says “App was unable to play this video.” However, immediately afterwards, the hidden malware would send a request to allow apps from third-party sources so it could be installed, revealed the publication.
Since Telegram downloads videos by default, the researchers believe the payload could have been easily spread to a large number of users by planting it in large public groups.
However, Eset notified Telegram about the exploit on June 26, and reportedly, Telegram released an update on July 11, patching the vulnerability.