Zeitpunkt Nutzer Delta Tröts TNR Titel Version maxTL Do 25.07.2024 00:00:12 7.214 +1 607.496 84,2 NerdCulture 4.2.10 1.000 Mi 24.07.2024 00:00:05 7.213 -1 606.862 84,1 NerdCulture 4.2.10 1.000 Di 23.07.2024 00:00:03 7.214 0 606.564 84,1 NerdCulture 4.2.10 1.000 Mo 22.07.2024 00:01:25 7.214 0 606.028 84,0 NerdCulture 4.2.10 1.000 So 21.07.2024 00:01:09 7.214 +1 605.552 83,9 NerdCulture 4.2.10 1.000 Sa 20.07.2024 00:00:00 7.213 +1 605.193 83,9 NerdCulture 4.2.10 1.000 Fr 19.07.2024 13:58:59 7.212 -7 604.919 83,9 NerdCulture 4.2.10 1.000 Do 18.07.2024 00:01:10 7.219 +1 604.296 83,7 NerdCulture 4.2.10 1.000 Mi 17.07.2024 00:01:12 7.218 0 603.750 83,6 NerdCulture 4.2.10 1.000 Di 16.07.2024 00:01:11 7.218 0 603.122 83,6 NerdCulture 4.2.10 1.000
Olly 👾 (@Olly42) · 01/2024 · Tröts: 246 · Folger: 28
Do 25.07.2024 15:52
Telegram App Flaw exploited to spread Malware hidden in Videos.
A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The issue was addressed by Telegram in version 10.14.5 released on July 11.
#telegram #socialmedia #video #it #security #privacy #tech #engineer #news
It's believed that the payload is concocted using Telegram's application programming interface (API), which allows for programmatic uploads of multimedia files to chats and channels. In doing so, it enables an attacker to camouflage a malicious APK file as a 30-second video.
[ImageSource: ESET] APK file previewed as a 30-sec clip The EvilVideo zero-day flaw only worked on Telegram for Android and allowed attackers to create specially crafted APK files that, when sent to other users on Telegram, appear as embedded videos. ESET believes that the exploit uses the Telegram API to programmatically create a message that appears to show a 30-second video.
[ImageSource: ESET] Prompt to launch an external video player When users attempt to play the fake video, Telegram suggests using an external player, which may cause recipients to tap the "Open" button and execute the payload.
[Öffentlich] Antw.: 0 Wtrl.: 0 Fav.: 0 · via Metatext