Telegram Security Breach: Hackers Exploit Chat to Spread Malicious Files – Your Action Plan

Telegram Security Breach

Telegram, the popular messaging app boasting over 700 million active users, has recently come under fire due to a serious security vulnerability.

This flaw, dubbed “EvilVideo,” allows hackers to transmit dangerous files disguised as harmless videos through chats. Primarily affecting older versions of the Telegram app for Android (before version 10.14.5), this exploit can compromise user devices and steal sensitive data.

Who’s Affected?

Primarily, Android users running older Telegram versions are vulnerable. However, all Telegram users should be vigilant and take protective measures.

What’s Happening?

Hackers are exploiting a zero-day vulnerability (a flaw unknown to the software vendor) to send malicious files that can automatically download when a chat is opened. These files can infect devices with malware, steal data, or grant hackers unauthorized access.

When Did It Start?

The vulnerability was discovered in June 2024 by ESET researchers and was actively exploited in online forums. Telegram was notified and released a patch on July 4th.

Where’s the Risk?

The risk lies within Telegram chats, both private and public channels. Automatic download settings amplify the threat, as malicious files can download without user interaction.

Why Does It Matter?

Telegram’s popularity and reputation for security make this exploit particularly concerning. Users’ trust in the platform is shaken, and the potential for widespread damage is significant.

Inside the Exploit: How “EvilVideo” Works

The “EvilVideo” exploit leverages the Telegram API (Application Programming Interface), a tool for developers. Hackers craft malicious files and disguise them as innocuous video clips. When a targeted user receives and opens a chat containing this “video,” the file automatically downloads if automatic downloads are enabled. This triggers the infection, and the malware gains a foothold on the device.

My Experience: A Close Call

As an avid Telegram user myself, I was alarmed by this news. While I wasn’t directly affected, I know people who were slow to update and narrowly dodged a serious security breach. This incident underscores the importance of staying vigilant and proactive about app updates.

Telegram’s Response and User Backlash

Telegram was criticized for its initial slow response to the vulnerability report. However, they ultimately addressed the issue with the release of version 10.14.5, which contains a patch for the exploit.

Despite the fix, the incident has sparked concerns among users. The delay in Telegram’s response and the potential for damage have left many questioning the platform’s security measures.

Your Action Plan: Protect Yourself Now

  1. Update Immediately: If you haven’t already, update your Telegram app to the latest version (10.14.5 or higher) from the Google Play Store. This is crucial to protect yourself from the “EvilVideo” exploit.
  1. Disable Automatic Downloads: Navigate to Settings > Data and Storage > Automatic media download and disable it for all media types in both mobile data and Wi-Fi settings. This prevents files from downloading without your permission.
  2. Be Cautious: Exercise caution when opening files or videos from unknown contacts. If you receive a suspicious file, don’t open it and consider reporting the sender to Telegram.
  3. Educate Yourself: Stay informed about security threats and best practices. Follow trusted cybersecurity resources and news outlets for updates.

Beyond “EvilVideo”: A Broader Lesson

While the “EvilVideo” exploit is a serious threat, it’s also a reminder of broader cybersecurity issues. Keeping all your apps updated is crucial for protecting yourself from evolving threats. Always be mindful of what you download and from whom, regardless of the platform.

The Future of Telegram Security

Telegram has a strong reputation for privacy and security, but this incident demonstrates that even the most secure platforms can be vulnerable. Moving forward, users will expect swifter responses to security threats and greater transparency from Telegram.

About the author

Avatar photo

Gauri

Gauri, a graduate in Computer Applications from MDU, Rohtak, and a tech journalist for 4 years, excels in covering diverse tech topics. Her contributions have been integral in earning PC-Tablet a spot in the top tech news sources list last year. Gauri is known for her clear, informative writing style and her ability to explain complex concepts in an accessible manner.

Add Comment

Click here to post a comment

Follow Us on Social Media

Web Stories

Best performing phones under Rs 70,000 in December 2024: iQOO 13, OPPO Find X8, and more! realme 14X 5G Review Redmi Note 14 Pro vs Realme 13 Pro Most Affordable 5G Phones Under Rs 12000 in December 2024: Samsung, Redmi, Lava, Poco & More! Best mobile phones under Rs 35,000 in December 2024: realme GT 6T, Vivo T3 Ultra 5G and more! Best Mobile Phones under Rs 25,000 in December 2024: Nothing Phone 2(a), OnePlus Nord CE 4 Lite & More!