Cybernews reports that Telegram for Android and Telegram Desktop for Linux have been affected by a critical zero-click vulnerability that could enable remote code execution via animated stickers.Threat actors abusing the flaw, discovered by Trend Micro Zero Day Initiative researchers, could simply deliver animated stickers to facilitate the automated malicious code execution, reported Italy's National Cybersecurity Agency."Exploiting this vulnerability could give an attacker control over the device and access to sensitive data, including messages, contacts, and active sessions related to the Telegram account," said the agency.With indicators of compromise and fixes yet to be released, organizations using Telegram Business accounts have been urged to only permit new communications from address book contacts or Premium users. Individuals using Telegram, on the other hand, have been advised to either remove Telegram from Android and Linux systems in the meantime or leverage the messaging app's web version in updated browsers.Such a development comes after Telegram was reported by CYFIRMA researchers to have been tapped as a marketplace for malicious cyber activity.
Application security, Vulnerability Management

New critical Telegram zero-click issue threatens total device compromise

(Adobe Stock)

Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



