This exploit targeted only Android Telegram versions 10.14.4 and older.
We found the exploit being advertised for sale on an underground forum.
We were able to identify the channel in question, with the exploit still available.
The malware is displayed as a multimedia preview on the Android app and not as a binary attachment.
Once shared in the chat, the malicious payload appears as a harmless 30-second video.
By default, media files received via Telegram are downloaded automatically.
It also requests the user to turn on the installation of unknown apps.
ESET discovered the EvilVideo vulnerability on June 26, 2024, and reported the issue immediately to Telegram.
However, it wasnt until July 4 that Telegram confirmed the issue and began investigating it.
EvilVideo affects Telegram for Android version 10.14.4 and earlier.
This exploit is not a vulnerability in Telegram.
source: www.techworm.net
