A recent security weakness in Telegram’s Android application, named EvilVideo, allowed cybercriminals to conceal harmful software within seemingly harmless video files. The vulnerability was discovered by the cybersecurity firm ESET, which found that an exploit for it had been available for purchase on the dark web since June 6, 2024.
Telegram was informed about the flaw by June 26 and promptly released a patch to fix the issue by July 11. This incident underlines the necessity for constant vigilance and proactive measures in identifying and resolving potential security threats.
Attackers exploited this vulnerability to spread dangerous Android payloads via Telegram’s chats and groups. Using Telegram’s programming interface, the harmful file was disguised as a seemingly harmless 30-second video. Once shared and downloaded, it infected the recipient’s device with hidden malware, giving the attacker unauthorized access to personal data.
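As an added defensive illustration (not code from ESET or Telegram), the Python check below flags an attachment that is presented as a video but whose bytes are actually an Android package. The function names, filenames and in-memory samples are constructed for this example, and it assumes the payload is a standard APK, that is, a ZIP archive containing `AndroidManifest.xml` and `classes.dex`.

```python
import io
import zipfile

VIDEO_EXTENSIONS = (".mp4", ".mov", ".3gp", ".mkv", ".webm")
APK_MARKERS = {"AndroidManifest.xml", "classes.dex"}  # core entries of an APK


def looks_like_apk(data: bytes) -> bool:
    """True if the bytes parse as a ZIP archive holding the core APK entries.

    zipfile locates the central directory from the end of the file, so an
    archive appended to other data (a polyglot) is still recognised.
    """
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            return APK_MARKERS.issubset(archive.namelist())
    except zipfile.BadZipFile:
        return False


def looks_like_mp4(data: bytes) -> bool:
    """True if the file opens with an ISO BMFF 'ftyp' box (MP4/MOV/3GP)."""
    return len(data) >= 12 and data[4:8] == b"ftyp"


def classify_attachment(filename: str, mime_type: str, data: bytes) -> str:
    """Compare what an attachment claims to be with what its bytes are."""
    claims_video = (mime_type.startswith("video/")
                    or filename.lower().endswith(VIDEO_EXTENSIONS))
    if looks_like_apk(data):  # checked first: content outranks the label
        return "apk-disguised-as-video" if claims_video else "apk"
    if claims_video and not looks_like_mp4(data):
        return "video-claim-unverified"  # e.g. MKV/WebM or junk: inspect further
    return "video" if claims_video else "other"


def _build_sample_apk() -> bytes:
    """Constructed stand-in for an APK: right entry names, placeholder bodies."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("AndroidManifest.xml", b"constructed placeholder")
        archive.writestr("classes.dex", b"constructed placeholder")
    return buf.getvalue()


SAMPLE_APK = _build_sample_apk()                             # constructed sample
SAMPLE_MP4 = b"\x00\x00\x00\x18ftypisom" + b"\x00" * 16      # constructed sample
```

A gateway or sandbox could run a check like this on downloaded attachments and quarantine anything classified as `apk-disguised-as-video`.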
The exploit was limited to the Android version of Telegram. The person or group behind it remains unknown, as do the intensity and frequency of actual attacks using it. There has been significant concern about security gaps in Android systems following this incident.
In spite of these vulnerabilities, Android users are strongly encouraged to maintain regular software updates and use trusted security applications. Telegram will undoubtedly be under pressure to increase security measures for their Android users until further investigations are concluded.
Separately, another security risk was identified on the Android application.
Unmasking Telegram’s Android app vulnerabilities
Cybercriminals have been targeting the popular Telegram-based game, Hamster Kombat. Fake app stores promoting the game and deceptive GitHub repositories offering bogus automation tools have been detected. These fraudulent activities are primarily aimed at unsuspecting gamers.
ESET discovered a unique type of malware, Lumma Stealer, that was cleverly designed to avoid traditional security measures. It was meant to steal sensitive data from unsuspecting users who were tricked into downloading it from GitHub repositories claiming to offer automation tools for Hamster Kombat.
Hamster Kombat, described as the “fastest-growing digital service worldwide,” has amassed over 250 million players since its launch in March 2024. As such, it is a lucrative target for cybercriminals. To protect the game and its players, Hamster Kombat developers have implemented end-to-end encryption and two-factor authentication among other precautions.
This series of incidents emphasises the vital nature of cybersecurity for software users and developers alike. It serves as a stark reminder for users to remain vigilant, update their system security regularly, and scan their devices to detect and remove any potential threats.