How hackers exploited a Telegram weakness to send malware file via chat
The Hindu
A report found a weakness in the Telegram app which was then exploited by hackers to send malicious files via chat.
A critical security flaw in the encrypted messaging app Telegram was reportedly exploited by attackers to spread malicious files as harmless-looking videos. Called EvilVideo, the flaw was found in the mobile app for Android and allowed malicious actors to embed malware within videos. The exploit appeared for sale on an underground forum on June 6, 2024, according to ESET’s research team, after which the app disclosed it on June 26. The issue was finally addressed by Telegram in version 10.14.5 released on July 11.
Attackers were able to hide a malicious APK file in a 30-second clip which when clicked on showed a warning saying that the video couldn’t be played and urged them to play it on an external player. When they proceed, users will be asked to okay an installation of an APK file called ‘xHamster Premium Mod,’ through Telegram.
Security researcher Lukas Stefanko explained in a blog that attackers used Telegram’s API to make the payload and that by default media received via Telegram download automatically. So, users will find the malicious payload downloaded as soon as they open the conversation.
While there’s still no news around the culprits of the attack, it is known that the same actor advertised a fully undetectable Android crypter that can reportedly bypass Google Play Protect.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
A spokesperson for the app responded to the ESET report saying the exploit wasn’t a vulnerability on Telegram since it would require users to manually open the video and install the app. They noted that they had received a report about the exploit on July 5 and deployed a server-fix on July 9 on all versions.
A couple of days ago, the company’s founder Pavel Durov said that they’ve touched 950 million active users and aims to cross the 1 billion mark this year. Telegram also plans to launch an app store and an in-app browser with support for Web3 pages later this month.
Indian vessels can freely sail through the Strait of Hormuz without needing permission, confirms a senior government official.
The Hindu Morning Digest gives a select list of stories to start the day. Read the top news today on March 25, 2026
An IndiGo flight at Vijayawada airport was grounded due to a tyre burst, but all 79 occupants are safe.
Tamil Nadu Assembly election 2026: TMC(M) gets five seats in NDA, to contest on BJP's 'Lotus' symbol
TMC(M) secures five NDA seats, to contest Assembly elections using BJP's 'Lotus' symbol in Tamil Nadu.
The Karnataka government will discuss with officials the possibility of creating a portal for unemployed youth to share their details and access job opportunities in micro, small and medium enterprises (MSMEs), Minister for Small Industries and Public Enterprises Sharanabasappa Darshanapur said in the Legislative Council on Tuesday.
AIADMK's 2026 manifesto promises free rations, women's benefits, education reforms, and economic growth initiatives for Tamil Nadu.
U.S.-Israel war on Iran LIVE: Follow The Hindu for updates on the West Asia conflict on March 24, 2026
Join the 'Click & Commit' campaign on World TB Day, uniting Chennai's community to pledge against tuberculosis.
Brahmin candidates join Naam Tamilar Katchi, marking a significant shift in Tamil Nadu's political landscape and inclusivity.
Over 750 wheelchairs are prepared in Thoothukudi for accessible voting, ensuring convenience for differently abled and elderly voters.
Madras HC dismisses S.P. Velumani's petition challenging I-T assessment of ₹7 crore as unexplained election expenses from 2016.
The Lok Sabha passes a contentious Transgender Bill, sparking praise from the government and criticism from opposition parties.
Kamal Haasan announces support for DMK in 2026 elections, emphasizing the need for 'Dravidian Model 2.0' for Tamil Nadu's welfare.