Telegram fixes critical vulnerabilities, protecting users from malicious files: Know-more

Follow us on

Telegram, an instant messaging platform has recently addressed a significant vulnerability in its Android app which enabled the hackers to send malicious files. The exploit which was known as "EvilVideo," was discovered by researchers at ESET after it appeared for sale on an underground forum on June 6th, 2024. 

This feature enabled the attackers to share harmful payloads via Telegram channels, chats, and groups- making them look like innocuous multimedia files. Telegram's quick action demonstrates the dedication of the platform to maintaining a secure platform for its users, emphasizing the need for vigilance in cybersecurity.

Discovery and patch implementation

It was ESET's team which reportedly identified and analyzed the EvilVideo exploit on the platform, before reporting it to Telegram on June 26 (2024). To it's response, the platform released an update on July 11 (2024), patching the vulnerability in Telegram versions 10.14.5 and above. 

This update successfully addressed the issue, helping and protecting the users from potential threats which were associated with this exploit.

Related Stories

Telegram at risk as hackers using it to pull off large-scale phishing scams | Deets here

Telegram adds 11 new features to boost messaging | Here are the details

Telegram lights up conversations with Colorful Calls, enhanced Bot and more | Details

Telegram introduces these 9 new features to enhance group communication

Telegram rollouts greeting messages, quick replies, more for business: All you need to know

Telegram adds Sticker Editor tool: What is it and how does it work?

Microsoft's Copilot AI chatbot now available on Telegram

EvilVideo Exploit- Mechanism

• The EvilVideo exploit is specifically targeted to Telegram versions 10.14.4 and earlier. The exploit functioned by creating a malicious payload that appeared as a 30-second video file in chat. 
• When the users attempt to play the file, Telegram would prompt them to install an external player, which is a disguised malicious app. 
• The payload would automatically download if users had their settings set to auto-download media files, or if the users could manually download it by tapping the download button.

Telegram's Web or Desktop clients are safe

1. It is important to note that the exploit did not affect Telegram's Web or Desktop clients. Also, the Web client treated the file as an MP4, while the Desktop client added an extra .mp4 extension to the APK file, by preventing the exploit from executing.
2. Response and ongoing security efforts
3. The identity of the threat actor behind the EvilVideo exploit remains unknown, by the time of writing. However, it was noted that they were offering other malicious services on the same underground forum. 
4. Despite this, Telegram's prompt response to the vulnerability highlights the commitment to user security.
5. The patch for the EvilVideo vulnerability further ensures that Telegram is for Android users and they are no longer at risk from this specific exploit. 
6. This incident serves as a reminder of the importance of keeping apps updated to protect against potential threats. 

ALSO READ: Meta AI now available in Hindi: How to use?