Be extra careful if you watch videos on Telegram frequently
According to TechRadar, cybersecurity researchers at ESET have discovered a serious vulnerability in the Telegram Android app that allows hackers to install malware through videos. The vulnerability was exploited for at least 5 weeks before being patched on July 11.
According to ESET, the hackers created malicious APK (Android application installation package) files disguised as videos. When users download or click on the video, the APK file is automatically downloaded and installed, infecting the user's phone. Since Telegram automatically downloads all multimedia content, the hackers only needed to wait for the user to open the message. Users who had disabled automatic media downloads only needed to tap the received message once to trigger the download.
To trick users, the hackers also displayed fake notifications: a prompt asking to play the video using an external player, or a message saying that Telegram could not install the APK file. If users ignored these warnings, they would unwittingly install malware on their devices.
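The core of the trick described above is a mismatch between what an attachment is labelled as and what its bytes really are. The following is an added example, not code from ESET or Telegram: a content check that a mail gateway, MDM tool or analyst script could run on received media. The function names and the sample data are hypothetical and constructed for illustration.

```python
import io
import zipfile

VIDEO_EXTS = (".mp4", ".mov", ".m4v", ".mkv", ".webm")

def sniff_type(data: bytes) -> str:
    """Classify a blob by its content, ignoring any file name or MIME label."""
    # An APK is a ZIP archive with AndroidManifest.xml at its root; test this first.
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = set(zf.namelist())
        return "apk" if "AndroidManifest.xml" in names else "zip"
    # ISO base media files (MP4/MOV/M4V) carry an 'ftyp' box tag at offset 4.
    if len(data) >= 12 and data[4:8] == b"ftyp":
        return "mp4"
    # Matroska/WebM files start with the EBML header magic.
    if data[:4] == b"\x1a\x45\xdf\xa3":
        return "matroska"
    return "unknown"

def check_attachment(name: str, mime: str, data: bytes) -> tuple[bool, str]:
    """Return (suspicious, reason) for a received media attachment."""
    claims_video = mime.startswith("video/") or name.lower().endswith(VIDEO_EXTS)
    actual = sniff_type(data)
    if claims_video and actual == "apk":
        return True, "labelled as video but content is an Android package"
    if claims_video and actual not in ("mp4", "matroska"):
        return True, f"labelled as video but content sniffed as {actual}"
    return False, f"content sniffed as {actual}"

def make_constructed_apk() -> bytes:
    """Build a harmless, constructed ZIP that only has an APK's file layout."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"placeholder manifest")
        zf.writestr("classes.dex", b"placeholder dex")
    return buf.getvalue()

# Constructed sample: a minimal 'ftyp' box followed by padding, not a playable video.
CONSTRUCTED_MP4 = b"\x00\x00\x00\x18ftypisom\x00\x00\x02\x00isomiso2" + b"\x00" * 32

if __name__ == "__main__":
    print(check_attachment("clip.mp4", "video/mp4", make_constructed_apk()))
    print(check_attachment("clip.mp4", "video/mp4", CONSTRUCTED_MP4))
```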
Upon further analysis of the malware, ESET found two pieces of malware hosted online, one impersonating Avast Antivirus and one a fake “premium mod” for xHamster (an adult content site). ESET reported their findings to Telegram developers, and Telegram released a patch last week. The vulnerability had been present for at least five weeks, giving the attackers plenty of time to target Telegram users.
The vulnerability affects Telegram Android versions 10.14.4 and earlier. Users are advised to update the app to the latest version (10.14.5) to patch the vulnerability and avoid being attacked.
This is a reminder of the importance of keeping your software up to date to protect your devices from security vulnerabilities. Users should also be cautious when downloading or clicking on files from untrusted sources, especially on messaging apps.
If you are using Telegram, you should download the latest patched version, v10.14.5. The Telegram desktop app is not affected by this vulnerability.