Eset Research Podcast: Evilvideo

ESET Research

ESET researchers talk really they uncovered a zero-day Telegram for Android utilization that allowed attackers to nonstop malicious files posing arsenic videos

17 Sep 2024  •  , 1 min. read

Telegram, pinch astir a cardinal monthly users, is simply a juicy target for cybercriminals, particularly if they tin utilization a zero-day vulnerability to dispersed malicious code. ESET malware interrogator Lukáš Štefanko ran into 1 specified utilization – which ESET named EvilVideo – being sold connected an underground forum and went successful to research and study it.

In nan chat pinch our podcast big ESET Distinguished Researcher Aryeh Goretsky, Štefanko describes nan findings of his analysis, including nan truth that nan flaw affected only nan Android type of nan app but not nan versions for Windows and iOS.

He besides elaborate that successful nan impervious of conception he analyzed, nan utilization was bundled pinch an off-the-shelf spyware called Android/Spy.SpyMax but that could beryllium swapped for immoderate different malware of nan attacker’s choice.

If you want to cognize really Telegram developers reacted to ESET reporting nan vulnerability, really agelong it took to fix, really galore victims were found, aliases what users and companies tin do to enactment safe, perceive to nan latest section of nan ESET Research podcast.

For a elaborate study connected EvilVideo aliases connected nan activities of galore threat actors, travel ESET Research connected X (formerly known arsenic Twitter) and cheque retired our latest blogposts and white papers connected WeLiveSecurity.com. If you for illustration what you hear, subscribe for much connected Spotify, Apple Podcasts, aliases PodBean.

PS: For those of our listeners who are attending nan 2024 ESET Technology Conference and playing on pinch our crippled of seizure nan flag, nan emblem for nan CTF situation named “Radio Broadcast” is: podcasts_are_new_books.