AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

A dangerous vulnerability discovered on Telegram for Android: everything you need to know about EvilVideo

Exploit discovered on Telegram for Android: what is EvilVideo and how to protect yourself

ESET researchers have discovered the EvilVideo exploit, which affects Telegram on Android. The exploit, sold on underground forums, tricks users into downloading malicious apps. Telegram has resolved the issue with the update to version 10.14.5, thus protecting users.

This pill is also available in Italian language

A group of researchers at ESET recently identified a zero-day exploit called EvilVideo, designed to target the Telegram application on Android devices. This exploit surfaced for sale on a well-known underground forum on June 6, 2024. Attackers used this vulnerability to send infected files through various Telegram channels, groups, and chats, cleverly disguising them as seemingly harmless media files. Specialists managed to get their hands on a sample of the exploit, which allowed them to perform an in-depth analysis and report the issue to the Telegram platform on June 26, 2024.

Issue analysis and reporting

Once the researchers obtained a sample of the malicious file, they were able to decipher how the exploit worked and determined that it exploited a vulnerability in versions of Telegram for Android prior to 10.14.5. These files, disguised as videos, led Telegram to predict that they were not playable and to suggest the use of an external player. When the user clicked on the "Open" button, they were invited to download a malicious application, disguised as a video player. The vulnerability was immediately reported to Telegram, which released a fix patch on July 11, 2024 with version 10.14.5.

Limited impact on other platforms

During the analysis, it was found that the EvilVideo exploit had no significant effects on the web and desktop versions of Telegram on Windows operating systems. In these cases, the malicious files were correctly recognized as standard media files and did not pose an actual threat to user security. However, the discovery of the malicious code also revealed another worrying aspect: the vendor of the exploit provided an encryption service specifically designed for Android devices. This service, available on the same underground forum since January 2024, aimed to make malicious files invisible to antiviruses.

Safety recommendations and actions

After Telegram patched the vulnerability, security experts advised all users to immediately update the application to the latest version available to protect themselves from potential threats. The update to version 10.14.5 ensures that previews of media files are displayed correctly, clearly indicating when a file is actually an application. This major security breakthrough will help prevent similar exploits from being used in the future, further strengthening the protection of Telegram users on Android devices.

Follow us on WhatsApp for more pills like this

07/24/2024 11:19

Marco Verro

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon