"Telegram Zero-Day Enabled Malware Delivery"

ESET warns that Telegram for Android was exploited to distribute malware disguised as videos. The cybersecurity company identified the vulnerability after finding an advertisement for a zero-day exploit targeting Telegram for Android on a cybercrime forum. The exploit is believed to have been developed using the Telegram Application Programming Interface (API), enabling developers to upload crafted multimedia files to Telegram chats or channels programmatically. The code exploits a vulnerability called "EvilVideo," which lets attackers to deliver payloads with APK files that are displayed as a multimedia preview.  This article continues to discuss the vulnerability in Telegram for Android used to distribute malicious files disguised as videos.

SecurityWeek reports "Telegram Zero-Day Enabled Malware Delivery"

Submitted by grigby1

Submitted by Gregory Rigby on