EvilVideo

Telegram, with nearly a billion monthly users, is a juicy target for cybercriminals, especially if they can exploit a zero-day vulnerability. ESET malware researcher Lukáš Štefanko ran into such an exploit – which ESET named EvilVideo – being sold online. In the discussion with our podcast host ESET Distinguished Researcher Aryeh Goretsky, Štefanko describes the findings of his analysis, including which platforms were affected, what malware can be bundled with EvilVideo, and how Telegram developers reacted when ESET reached out to report the vulnerability. If you want to read more about EvilVideo or our other research findings, head to WeLiveSecurity.com.

Host

Aryeh Goretsky, ESET Distinguished Researcher

Guest:

Lukáš Štefanko, ESET Malware Researcher

Materials:

Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android

PS: For those of our listeners who are attending the 2024 ESET Technology Conference and playing along with our game of capture the flag, the flag for the CTF challenge named “Radio Broadcast” is: podcasts_are_new_books.