Telegram for Android reportedly had a zero-day vulnerability which was being focused by attackers. This vulnerability, dubbed EvilVideo, allowed malicious actors and hackers to ship malware disguised as video information, as per the report. It was detected by a cybersecurity analysis agency final month after a put up in regards to the exploit was discovered on the darkish net. The poster was mentioned to be promoting the exploit and likewise confirmed a screenshot of its workings. Notably, Telegram launched an replace on July 11 patching the vulnerability after the cybersecurity agency notified it in regards to the exploit.
EvilVideo Exploit Present in Telegram
In response to a newsroom post by cybersecurity agency Eset, Telegram for Android had a zero-day vulnerability. A zero-day vulnerability is a safety flaw which is unknown to the developer. The time period is used since builders have “zero days” to patch the problem. This explicit vulnerability was reportedly discovered by some malicious actors who had been making an attempt to promote it on the darkish net.
“We discovered the exploit being marketed on the market on an underground discussion board. Within the put up, the vendor reveals screenshots and a video of testing the exploit in a public Telegram channel. We had been capable of establish the channel in query, with the exploit nonetheless accessible. That allowed us to get our fingers on the payload and check it ourselves,” mentioned ESET researcher Lukáš Štefanko, who found the exploit.
Darkish net put up in regards to the Telegram vulnerability
Photograph Credit score: Welivesecurity
Dubbed EvilVideo, the exploit allowed hackers to deploy malware payload as Android Bundle (APK) inside the video information, primarily based on the darkish net put up spotted by Welivesecurity. When performed, Telegram reportedly would present a message that claims “App was unable to play this video.” Nevertheless, instantly afterwards, the hidden malware would ship request to permit apps from third-party sources so it might be put in, revealed the publication.
Because the default choice on Telegram downloads movies by default, the researchers imagine the payload might have been simply unfold to numerous customers by planting them in giant public teams.
Nevertheless, Eset notified Telegram in regards to the exploit on June 26, and reportedly, Telegram launched an replace on July 11, patching the vulnerability.
