- Feb 1, 2013
- 977
Hello to all!
I am new to the world of Telegram and I discovered bots etc. Along with that discovery, I started looking the cyber security side of it.
I understand that social engineering is a real thing at every comunication platform, and users can be fooled to provide personal/sensitive data to another party or open links in web browser, or download any kind of file, so such situtations is out of scope.
But what about the bots? I honestly do not know what type of code is executed, if there is containment, and what permissions it has on my system while clicking those buttons. Also phone number is by default shared, if not changed in settings (I think), so maybe telegram API's give the present of a default "leak" for every bot.
So to sum up, can a user get infected just by launching a bot giving commands without sending personal data, or just clicking the available buttons?
I am new to the world of Telegram and I discovered bots etc. Along with that discovery, I started looking the cyber security side of it.
I understand that social engineering is a real thing at every comunication platform, and users can be fooled to provide personal/sensitive data to another party or open links in web browser, or download any kind of file, so such situtations is out of scope.
But what about the bots? I honestly do not know what type of code is executed, if there is containment, and what permissions it has on my system while clicking those buttons. Also phone number is by default shared, if not changed in settings (I think), so maybe telegram API's give the present of a default "leak" for every bot.
So to sum up, can a user get infected just by launching a bot giving commands without sending personal data, or just clicking the available buttons?
Last edited:
