ESET Analysis
ESET researchers focus on how they uncovered a zero-day Telegram for Android exploit that allowed attackers to ship malicious recordsdata posing as movies
17 Sep 2024
•
,
1 min. learn
Telegram, with almost a billion month-to-month customers, is a juicy goal for cybercriminals, particularly if they’ll exploit a zero-day vulnerability to unfold malicious code. ESET malware researcher Lukáš Štefanko bumped into one such exploit – which ESET named EvilVideo – being bought on an underground discussion board and went in to discover and report it.
Within the dialogue with our podcast host ESET Distinguished Researcher Aryeh Goretsky, Štefanko describes the findings of his evaluation, together with the truth that the flaw affected solely the Android model of the app however not the variations for Home windows and iOS.
He additionally detailed that within the proof of idea he analyzed, the exploit was bundled with an off-the-shelf spyware and adware known as Android/Spy.SpyMax however that might be swapped for every other malware of the attacker’s alternative.
If you wish to understand how Telegram builders reacted to ESET reporting the vulnerability, how lengthy it took to repair, what number of victims have been discovered, or what customers and firms can do to remain protected, take heed to the newest episode of the ESET Analysis podcast.
For an in depth report on EvilVideo or on the actions of quite a few menace actors, observe ESET Analysis on X (previously generally known as Twitter) and take a look at our newest blogposts and white papers on WeLiveSecurity.com. For those who like what you hear, subscribe for extra on Spotify, Apple Podcasts, or PodBean.
PS: For these of our listeners who’re attending the 2024 ESET Expertise Convention and taking part in together with our sport of seize the flag, the flag for the CTF problem named “Radio Broadcast” is: podcasts_are_new_books.