-
@ Nostr News Network
2025-03-06 19:50:27
New Telegram vulnerability, EvilLoader, discovered. Here's what you need to know
This allows attackers to spoof malicious APKs as videos. It's still unpatched & works on Telegram for Android 11.7.4. There's even evidence that it's been sold on underground forums for people to use at-will, and can be used to then install spyware, ransomware, & other malware.
What can you do?
1. Update Telegram ASAP, as they'll hopefully patch it.
2. Disable Auto-Download
3. Don't open/execute untrusted files
4. Only communicate with trusted contacts.
5. Use Signal or another trusted E2EE provider.
https://m.primal.net/PWFZ.jpg