Telegram: flaw allowed distribution of malware disguised as videos

Zero-day flaw in Telegram for Android allowed cybercriminals distributing malicious files disguised as legitimate videosinfecting mobile phones with viruses for different purposes. The problem was discovered by ESET, which shared more information yesterday (22).

Nickname “DevilVideo” The vulnerability only affected the application on Google’s operating systemThrough this exploit, cybercriminals can send malware that appears as videos in individual messages, groups, or channels that are downloaded as soon as the conversation is opened.

The malicious file exploited the service’s default automatic media download feature in its Android app to spread. Clicking on the fake video, The user is warned that the device cannot open the content and is asked to download an external player along with the messenger’s APKWe provide the necessary permissions for installation.

In this way Mobile phone infection exploiting Telegram vulnerability depended on victim’s actionscould refuse to download. But the report said the issue posed a serious risk, especially for those who had never disabled automatic downloading of photos and videos on the platform.

Correction available

Telegram, which was alerted to the existence of the flaw by the cybersecurity company at the end of June, has released an update that fixes it. Solution in Telegram app for Android 10.14.5Which displays the APK correctly in the preview instead of showing it as a pseudo video file.

Users who have recently received videos on messenger and want to open an external application to play them should perform a security check on their mobile phones with a reliable tool. Moreover, If you have downloaded the malicious file, it is recommended that you delete it..

According to ESET, cybercriminals had at least five weeks to exploit the vulnerability until it was patched. However, It was unclear whether threat actors were exploiting the bug and what actions they were planning By distributing this malware.