ESET researchers have uncovered a zero-day vulnerability named “EvilVideo” that targets Telegram for Android, enabling attackers to send malicious payloads disguised as video files. On June 6, 2024, a zero-day exploit targeting Telegram for Android appeared for sale on an underground forum. This exploit, leveraging a vulnerability named “EvilVideo,” was tested by ESET researcher Lukas … The post Telegram for Android Hit by Zero-Day “EvilVideo” Exploit appeared first on RestorePrivacy.

  • drkt@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    11
    ·
    3 months ago

    Once the user attempts to play the video, Telegram displays a message indicating it cannot play the file and suggests using an external player. If the user follows this suggestion, they are prompted to install a malicious app disguised as an external player. This app, detected as Android/Spy.SpyMax.T, is downloaded as an apparent video file with an .apk extension. The exploit’s nature misleads the Telegram preview into displaying the file as a video, even though it is an APK.

    It requires user input