Cybersecurity researchers at ESET have discovered a zero-day vulnerability targeted by attackers in the Telegram for Android app. This could have allowed attackers to send malicious payloads disguised as legitimate video chats. This vulnerability was dubbed as EvilVideo. Telegram developers have now fixed this bug earlier this month in versions 10.14.5 and above.
ESET researcher Lukas Stefanko and his team found this exploit while accessing secret online forums. They saw a seller showing pictures and a video of how the exploit works on a public Telegram channel. The researchers then found this channel and downloaded this video file to test it. This particular vulnerability was reportedly also reported by malicious actors who were trying to sell it on the dark web.
When shared in a chat, the malicious file appears as a multimedia file, which then prompts Telegram users to download it, if the automatically download media files option is enabled. Hence, the ESET researchers feared that the payload could have been easily spread to a large number of users, by planting it to various public groups or channels.
The ESET team first found this ‘EvilVideo’ malicious file on June 26, 2024, and immediately informed about it to Telegram. However, after no action was taken by the app developers at that time, the ESET team again reported on July 4. Thankfully, the Telegram app team responded quickly, confirming they will rectify this issue.
Telegram released an update on July 11, patching the vulnerability. This update makes sure that users are no longer at risk from the ‘Evil Video’ exploit, and we also suggest Telegram users update their apps at the latest.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
