Video wird geladen...

Video konnte nicht geladen werden

Beim Laden dieses Videos ist ein Problem aufgetreten. Dies könnte an einem vorübergehenden Netzwerkproblem liegen oder das Video ist möglicherweise nicht verfügbar.

Exploiting the #EvilVideo vulnerability on Telegram We discovered a 0-day Telegram for Android exploit that allows sending malicious apps disguised as videos ESET Research ESET

Lukas Stefanko

24,289 subscribers

55,814 Aufrufe • vor 1 Jahr •via X (Twitter)

Wissenschaft & Technologie Nachrichten & Politik Gesundheit & Wellness #EvilVideo

Anya Rossi• Live Now

Private livecam show

5 Kommentare

Profilbild von Lukas Stefanko

Lukas Stefankovor 1 Jahr

@ESET We found the EvilVideo exploit being advertised for sale on an underground forum since Jun 6, 2024. Price wasn't included.

Profilbild von Lukas Stefanko

Lukas Stefankovor 1 Jahr

@ESET The exploit rely on the threat actor being able to create a payload that displays an Android app as a video and not as a binary attachment. Once shared in chat, the malicious payload appears as a 30-second video

Profilbild von Lukas Stefanko

Lukas Stefankovor 1 Jahr

@ESET If user tries to play the “video”, Telegram displays a message that it is unable to play it and suggests using an external player. If the user taps the Open button, payload will request to install a malicious app disguised as the external player.

Profilbild von Lukas Stefanko

Lukas Stefankovor 1 Jahr

@ESET Report timeline [06-06-2024] EvilVideo advertised for sale on an underground forum [26-06-2024] Reported to Telegram [11-07-2024] Fixed (v10.14.5)

Profilbild von Oak Investor

Oak Investorvor 1 Jahr

@ESETresearch @ESET @telegram @jbfxdotme

Ähnliche Videos

$🔥 ESET fixed CVE-2024-7400 found by our researcher Dmitriy Zuzlov! This is an LPE that affects 13 ESET solutions and allows a low-privileged attacker to delete arbitrary files, which can be used to obtain NT AUTHORITY\SYSTEM privileges! The advisory 👉$

🔥 ESET fixed CVE-2024-7400 found by our researcher Dmitriy Zuzlov! This is an LPE that affects 13 ESET solutions and allows a low-privileged attacker to delete arbitrary files, which can be used to obtain NT AUTHORITY\SYSTEM privileges! The advisory 👉

PT SWARM

15,359 Aufrufe • vor 1 Jahr

Les messageries chiffrées sont-elles 100 % fiables ? Benoit Grünemwald (ESET France) #Cybersecurité #Signalgate #Telegram #faille #MondeNumerique Interview complète ici 👉

Les messageries chiffrées sont-elles 100 % fiables ? Benoit Grünemwald (ESET France) #Cybersecurité #Signalgate #Telegram #faille #MondeNumerique Interview complète ici 👉

Jerome Colombain | Monde Numérique

102,270 Aufrufe • vor 1 Jahr

BREAKING NEWS 🗣️‼️ ESET NRG Shock

BREAKING NEWS 🗣️‼️ ESET NRG Shock

Overkill Gaming

77,317 Aufrufe • vor 3 Jahren

Who’s gonna take home this ESET Gaming PC?

Who’s gonna take home this ESET Gaming PC?

Overkill Gaming

100,906 Aufrufe • vor 3 Jahren

Unforgettable memories from last weekend with Dr. Brian May at BRIDGE FROM THE FUTURE. Thank you to ESET and Starmus #Starmus #StarmusVII #StarmusEarth #StarmusFestival2024 #Bratislava #Slovakia #ESET #DigitalSecurity #BridgefromtheFuture #music #science

Unforgettable memories from last weekend with Dr. Brian May at BRIDGE FROM THE FUTURE. Thank you to ESET and Starmus #Starmus #StarmusVII #StarmusEarth #StarmusFestival2024 #Bratislava #Slovakia #ESET #DigitalSecurity #BridgefromtheFuture #music #science

Jean-Michel Jarre

11,382 Aufrufe • vor 2 Jahren

Flying drone rocking with Dr. Brian May and me. Thank you ESET and Starmus #Starmus #StarmusVII #StarmusEarth #StarmusFestival2024 #Bratislava #Slovakia #ESET #DigitalSecurity #BridgefromtheFuture #music #science #jeanmicheljarre #brianmay

Flying drone rocking with Dr. Brian May and me. Thank you ESET and Starmus #Starmus #StarmusVII #StarmusEarth #StarmusFestival2024 #Bratislava #Slovakia #ESET #DigitalSecurity #BridgefromtheFuture #music #science #jeanmicheljarre #brianmay

Jean-Michel Jarre

28,404 Aufrufe • vor 2 Jahren

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter

Mobile Hacker

129,637 Aufrufe • vor 2 Jahren

Exfiltrate #WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability

Exfiltrate #WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability

Mobile Hacker

143,604 Aufrufe • vor 2 Jahren

This is a HUGE PC Giveaway! Thanks to ESET 💪 Enter here

This is a HUGE PC Giveaway! Thanks to ESET 💪 Enter here

Overkill Gaming

285,308 Aufrufe • vor 3 Jahren

Follow the guide Go to ESET homepage using your browser and follow this steps

Follow the guide Go to ESET homepage using your browser and follow this steps

Justknight🥷🏿

14,590 Aufrufe • vor 1 Jahr

ESET ASKERLERİ TARAFINDAN AHIR YAPILAN CAMİ ÖZGÜRLÜĞE KAVUŞTU…

ESET ASKERLERİ TARAFINDAN AHIR YAPILAN CAMİ ÖZGÜRLÜĞE KAVUŞTU…

İbrahim Melih Gökçek

41,331 Aufrufe • vor 1 Jahr

🚨 Very concerning 0-click zero-day vulnerability for sale: allows unauthenticated attackers to execute arbitrary code with SYSTEM-level privileges on fully patched Windows 10/11 and Windows Server 2022 systems. The exploit is “reliable, low-resource, and bypasses the latest security mitigations.” Price: 25k POC:

🚨 Very concerning 0-click zero-day vulnerability for sale: allows unauthenticated attackers to execute arbitrary code with SYSTEM-level privileges on fully patched Windows 10/11 and Windows Server 2022 systems. The exploit is “reliable, low-resource, and bypasses the latest security mitigations.” Price: 25k POC:

International Cyber Digest

77,014 Aufrufe • vor 9 Monaten

The CertiK Skyfall team identified and collaborated with Apple to fix a vulnerability (CVE-2024-27801) in the low-level implementation of NSXPC, affecting all Apple platforms. This vulnerability could have potentially allowed malicious apps to gain unauthorized access to system services or steal user data from certain third-party applications, particularly those with architectures similar to Telegram. Our proof-of-concept attack demonstrated how a malicious app could steal chat history (such as pictures) from Telegram and transfer it to a remote server. Upgrade all your Apple devices and stay safe! Source:

The CertiK Skyfall team identified and collaborated with Apple to fix a vulnerability (CVE-2024-27801) in the low-level implementation of NSXPC, affecting all Apple platforms. This vulnerability could have potentially allowed malicious apps to gain unauthorized access to system services or steal user data from certain third-party applications, particularly those with architectures similar to Telegram. Our proof-of-concept attack demonstrated how a malicious app could steal chat history (such as pictures) from Telegram and transfer it to a remote server. Upgrade all your Apple devices and stay safe! Source:

CertiK

341,467 Aufrufe • vor 2 Jahren

This NRG Shock and ESET Gaming Setup can be yours! 💪

This NRG Shock and ESET Gaming Setup can be yours! 💪

Overkill Gaming

463,205 Aufrufe • vor 3 Jahren

Thanks to ESET we built something Crazy! A Terrarium Gaming PC with a live Chameleon. AND to celebrate we’re giving away another PC here!

Thanks to ESET we built something Crazy! A Terrarium Gaming PC with a live Chameleon. AND to celebrate we’re giving away another PC here!

Overkill Gaming

102,745 Aufrufe • vor 3 Jahren

Love to see you out helping the community, Alex Scott ❤️ #afcb x ESET 🤝

Love to see you out helping the community, Alex Scott ❤️ #afcb x ESET 🤝

AFC Bournemouth 🍒

12,200 Aufrufe • vor 1 Jahr

New Pixnapping Attack: allows any Android app without permissions to leak info displayed by other apps exploiting Android APIs and a hardware side channel (CVE-2025-48561) Pixnapping is not fixed and probably affects all Androids. PoC: Not available yet. Steal 2FA codes 👇

New Pixnapping Attack: allows any Android app without permissions to leak info displayed by other apps exploiting Android APIs and a hardware side channel (CVE-2025-48561) Pixnapping is not fixed and probably affects all Androids. PoC: Not available yet. Steal 2FA codes 👇

Mobile Hacker

55,009 Aufrufe • vor 8 Monaten

I had a lot of fun working on this research! * Unauthenticated RCE? ✅ * Overlooked attack vector in Kubernetes? ✅ * Nginx quirks? ✅ * Stable & reliable exploit? ✅ Check out the thread for details about the vulnerability we found in Ingress Nginx Controller 👇

I had a lot of fun working on this research! * Unauthenticated RCE? ✅ * Overlooked attack vector in Kubernetes? ✅ * Nginx quirks? ✅ * Stable & reliable exploit? ✅ Check out the thread for details about the vulnerability we found in Ingress Nginx Controller 👇

sagitz

13,720 Aufrufe • vor 1 Jahr

ÖZGÜR ÖZEL HAPİSANELERDE ÖLDÜRÜLEN YÜZBİNLERCE ZAVALLI İÇİN ESET PİÇİNE BİRŞEYLER SÖYLEMEYİ DE DÜŞÜNDÜN MÜ?

ÖZGÜR ÖZEL HAPİSANELERDE ÖLDÜRÜLEN YÜZBİNLERCE ZAVALLI İÇİN ESET PİÇİNE BİRŞEYLER SÖYLEMEYİ DE DÜŞÜNDÜN MÜ?

İbrahim Melih Gökçek

26,062 Aufrufe • vor 1 Jahr

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)

NullSecurityX

93,653 Aufrufe • vor 2 Monaten