Telegram Feature Exposes Your Precise Address to Hackers

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,458
If you’re using an Android device—or in some cases an iPhone—the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it.

The problem stems from a feature called People Nearby. By default, it’s turned off. When users enable it, their geographic distance is shown to other people who have it turned on and are in (or are spoofing) the same geographic region. When People Nearby is used as designed, it’s a useful feature with few if any privacy concerns. After all, a notification that someone is 1 kilometer or 600 meters away still leaves stalkers guessing where, precisely, you are.
Telegram lets users create local groups within a geographical area. Hassan said that scammers often spoof their location to crash such groups and then peddle fake bitcoin investments, hacking tools, stolen social security numbers, and other scams. “Most users don't understand they are sharing their location, and perhaps their home address,” Hassan wrote in an email. “If a female used that feature to chat with a local group, she can be stalked by unwanted users.”
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
A comparison of secure messaging apps here



1610003061834.png
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top