ESET Research Podcast: EvilVideo

ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos

Telegram, with nearly a billion monthly users, is a juicy target for cybercriminals, especially if they can exploit a zero-day vulnerability to spread malicious code. ESET malware researcher Lukáš Štefanko ran into one such exploit – which ESET named EvilVideo – being sold on an underground forum and went in to explore and report it.

In the discussion with our podcast host, ESET Distinguished Researcher Aryeh Goretsky, Štefanko describes the findings of his analysis, including the fact that the flaw affected only the Android version of the app and not the versions for Windows and iOS.

He also explains that, in the proof of concept he analyzed, the exploit was bundled with off-the-shelf spyware called Android/Spy.SpyMax, but that this payload could be swapped for any other malware of the attacker’s choice.

If you want to know how Telegram developers reacted to ESET reporting the vulnerability, how long it took to fix, how many victims were found, or what users and companies can do to stay safe, listen to the latest episode of the ESET Research podcast.

For a detailed report on EvilVideo or on the activities of numerous threat actors, follow ESET Research on X (formerly known as Twitter) and check out our latest blogposts and white papers on WeLiveSecurity.com. If you like what you hear, subscribe for more on Spotify, Apple Podcasts, or PodBean.

PS: For those of our listeners who are attending the 2024 ESET Technology Conference and playing along with our game of capture the flag, the flag for the CTF challenge named “Radio Broadcast” is: podcasts_are_new_books.
