Telegram security flaw: How hackers exploited a Telegram weakness to send malware file via chat

FILE PHOTO: A essential security flaw within the encrypted messaging app Telegram was reportedly exploited by attackers to unfold malicious information as harmless-looking movies. 
| Photo Credit: alexsl

A essential security flaw within the encrypted messaging app Telegram was reportedly exploited by attackers to unfold malicious information as harmless-looking movies. Called EvilVideo, the flaw was discovered within the cellular app for Android and allowed malicious actors to embed malware inside movies. The exploit appeared on the market on an underground discussion board on June 6, 2024, in accordance to ESET’s analysis group, after which the app disclosed it on June 26. The situation was lastly addressed by Telegram in model 10.14.5 launched on July 11. 

Attackers have been ready to disguise a malicious APK file in a 30-second clip which when clicked on confirmed a warning saying that the video couldn’t be performed and urged them to play it on an exterior participant. When they proceed, customers will probably be requested to okay an set up of an APK file known as ‘xHamster Premium Mod,’ by way of Telegram. 

Security researcher Lukas Stefanko defined in a weblog that attackers used Telegram’s API to make the payload and that by default media obtained via Telegram obtain robotically. So, customers will discover the malicious payload downloaded as quickly as they open the dialog. 

While there’s nonetheless no information across the culprits of the assault, it’s recognized that the identical actor marketed a totally undetectable Android crypter that may reportedly bypass Google Play Protect. 

(For prime expertise information of the day, subscribe to our tech e-newsletter Today’s Cache)

A spokesperson for the app responded to the ESET report saying the exploit wasn’t a vulnerability on Telegram since it will require customers to manually open the video and set up the app. They famous that they’d obtained a report concerning the exploit on July 5 and deployed a server-fix on July 9 on all variations.

A few days in the past, the corporate’s founder Pavel Durov mentioned that they’ve touched 950 million lively customers and goals to cross the 1 billion mark this 12 months. Telegram additionally plans to launch an app retailer and an in-app browser with assist for Web3 pages later this month.