Check it out here.
Me: Android malware, sounds exciting.
Me: Looks under the hood
As part of this process, the user will be required to grant permission for the installation of apps from unknown sources, a security setting that is typically disabled by default to prevent unauthorized installations.
Me: …
tbf, the bug is with how Telegram is fooled into thinking an apk is actually a video. I won’t call it a vulnerability but Telegram explicitly prompts its users to use an external player to play the apk/video. An ominous prompt at that, because folks on Telegram really, really need to see that porn viral video, and will do whatever it takes.
Telegram has excellent track record, not surprised.
Telegram had a “vuln” that allow people to upload media loaded with malicious code in the metadata and will exceute when user tap on the image. Forgot its 2023 / 2024.
There was another vuln due to code error, also something deal with executable disguised as media files.
Of course it is just Telegram having intentionally or unintentionally shitty code for a “secure” messenger. But if I click on a video and get a “Allow installation from unknown sources” prompt, I would probably recheck the file too.
hilarious 