Android版Telegram漏洞讓駭客將惡意程式偽裝成影音檔
支付動態 · 2024-07-23
ESET揭露Telegram近期修補的Android版應用程式安全漏洞,允許駭客將惡意APK檔偽裝成影音檔並自動於用戶端下載
/ESET
研究人員認為,駭客所製作的酬載應該是利用Telegram API打造的,猜測漏洞存在於Telegram允許駭客將二進位應用程式顯示為影片,以欺騙使用者。
ESET是在6月26日發現駭客正於地下論壇兜售該漏洞,它影響Android for Telegram 10.14.4及更早之前的版本,並通知Telegram,Telegram則在7月11日釋出10.14.5版進行修補。
/ESET
此外,此一漏洞僅波及Android版Telegram,不管是透過Web版或Windows版的Telegram接收該偽裝成影片的APK檔時,該檔案的副檔名皆會被Telegram轉為.mp4,企圖播放時即會出現錯誤,因而逃過一劫。
熱門文章
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
1spin4win releases unique slot Don Catleone Hold and Win featuring gangster cats
Online Game
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
Indiana online casino bill stalls in House committee
Regulation
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Kazakhstan plans to penalise online casino promotions
Regulation
