CryptoSphere by AsCurrency

CryptoSphere: cryptocurrency news, market analysis, blockchain trends and investments. Your essential guide to the digital economy

Potential Vulnerability in Telegram Raises Concerns


Blockchain security firm CertiK has issued a cautionary notice regarding a possible vulnerability detected in Telegram’s Desktop applications. This raises concerns over users’ potential exposure to malicious attacks.

However, Telegram, known for its crypto-friendly messaging platform, has refuted these claims, asserting that such a vulnerability is absent within its system.

Alleged Vulnerability on Telegram

Certik claimed that Telegram’s desktop application, specifically its media processing functionality, contained a significant Remote Code Execution (RCE) vulnerability. It allegedly exposes users to attacks through media files like images or videos.

The firm specified that the vulnerability affects only desktop apps that execute programs contained within files. However, the mobile application remains unaffected.

Telegram swiftly responded to CertiK’s claims, stating that it could not verify the vulnerability and suggesting it could be misinformation. However, CertiK demonstrated an RCE attack on Telegram’s latest Windows desktop version, reinforcing its initial claim. Consequently, it advised users to exercise caution until a complete resolution is reached.

CertiK recommends users review their Telegram settings and deactivate the auto-download feature to mitigate the vulnerability. Still, Telegram has since addressed CertiK’s renewed disclosure, citing a recent server-side fix for a similar issue. The firm clarified that the resolved vulnerability required specific user interactions and advanced conditions.

“Certik posted this after we notified them about a server-side fix for an issue which was similar to the one they initially hinted at (but required user interaction; required the user to have Python installed; and could not be triggered by automatic downloads),” Telegram said.

Recently, Telegram began permitting users to buy advertisements using Toncoin (TON) and introduced a revenue-sharing program to reward channel owners.

Top crypto projects in the US | April 2024


Coinbase

Coinbase
Explore →

AlgosOne

AlgosOne
Explore →

Harambe AI

Harambe AI
Explore →

Chain GPT

Chain GPT
Explore →

iTrustCapital

iTrustCapital
Explore →

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.


Conclusion

In conclusion, the alleged vulnerability in Telegram’s desktop application, as highlighted by CertiK, has raised concerns over potential malicious attacks on users. While Telegram initially refuted the claims, CertiK demonstrated an RCE attack on the latest Windows desktop version, reinforcing its initial assertion. It is recommended that users review their Telegram settings and deactivate the auto-download feature to mitigate the vulnerability. Despite Telegram’s recent server-side fix for a similar issue, the firm clarified that the resolved vulnerability required specific user interactions and advanced conditions. This incident emphasizes the importance of regularly updating security measures and staying cautious while using messaging platforms.

  • bitcoinBitcoin (BTC) $ 54,359.00
  • ethereumEthereum (ETH) $ 2,285.18
  • bnbBNB (BNB) $ 493.54
  • solanaSolana (SOL) $ 127.28
  • xrpXRP (XRP) $ 0.526946
  • cardanoCardano (ADA) $ 0.323045
  • shiba-inuShiba Inu (SHIB) $ 0.000013
  • polkadotPolkadot (DOT) $ 4.05