EvilVideo Zero-Day Exploit Targets Telegram Android App
1. The EvilVideo zero-day flaw in Telegram's Android app allowed attackers to disguise malicious files as videos.
2. The exploit was first seen for sale on June 6, 2024, and was patched by Telegram in version 10.14.5 released on July 11.
3. Attackers used Telegram's API to upload malicious APK files disguised as videos to chats and channels.
4. Clicking on the video prompted a warning and a request to install the APK, named "xHamster Premium Mod."
5. The exploit leveraged Telegram's default auto-download setting for media files, affecting only the mobile app.
#evilvideo #telegramexploit #zeroday #cybersecurity #androidmalware #apk #malware #cyberthreats #telegram #securityflaw #threatintel #maliciousfiles #appsecurity #mobilesecurity #infosec #cyberattack #vulnerability #exploit #securitypatch #cyberdefense
1. The EvilVideo zero-day flaw in Telegram's Android app allowed attackers to disguise malicious files as videos.
2. The exploit was first seen for sale on June 6, 2024, and was patched by Telegram in version 10.14.5 released on July 11.
3. Attackers used Telegram's API to upload malicious APK files disguised as videos to chats and channels.
4. Clicking on the video prompted a warning and a request to install the APK, named "xHamster Premium Mod."
5. The exploit leveraged Telegram's default auto-download setting for media files, affecting only the mobile app.
#evilvideo #telegramexploit #zeroday #cybersecurity #androidmalware #apk #malware #cyberthreats #telegram #securityflaw #threatintel #maliciousfiles #appsecurity #mobilesecurity #infosec #cyberattack #vulnerability #exploit #securitypatch #cyberdefense