• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

A Sticker Sent On Telegram Could Have Exposed Your Secret Chats

You are here: Home / General Cyber Security News / A Sticker Sent On Telegram Could Have Exposed Your Secret Chats

Cybersecurity researchers on Monday disclosed information of a now-patched flaw in the Telegram messaging application that could have exposed users’ secret messages, shots, and films to distant destructive actors.

The issues were being learned by Italy-based mostly Shielder in iOS, Android, and macOS variations of the application. Adhering to dependable disclosure, Telegram dealt with them in a series of patches on September 30 and October 2, 2020.

✔ Approved Seller by TheCyberSecurity.News From Our Partners
Avast Ultimate Suite 2021

Protect yourself against all threads using AVAST Ultimate Suite. AVAST Ultimate Suite protects your Windows, macOS and your Android via Avast Premium. In addition it comes with AVAST's well-known VPN service SecureLineVPN. Therefore, it will be a security and privacy in one package.

Get AVAST Ultimate Suite with 65% discount certified seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The flaws stemmed from the way top secret chat features operates and in the app’s dealing with of animated stickers, hence enabling attackers to ship malformed stickers to unsuspecting consumers and achieve access to messages, pics, and video clips that were being exchanged with their Telegram contacts as a result of equally typical and magic formula chats.

password auditor

Just one caveat of notice is that exploiting the flaws in the wild may well not have been trivial, as it involves chaining the aforementioned weaknesses to at minimum 1 further vulnerability in buy to get around security defenses in fashionable equipment nowadays. That might seem prohibitive, but, on the contrary, they are nicely in the get to of both equally cybercrime gangs and country-state teams alike.

Shielder said it chose to wait around for at minimum 90 days before publicly revealing the bugs so as to give end users ample time to update their gadgets.

“Periodic security reviews are vital in software package enhancement, specially with the introduction of new characteristics, such as the animated stickers,” the scientists explained. “The flaws we have described could have been employed in an attack to obtain access to the equipment of political opponents, journalists or dissidents.”

It is really worth noting that this is the 2nd flaw uncovered in Telegram’s key chat element, subsequent very last week’s reviews of a privacy-defeating bug in its macOS app that designed it probable to entry self-destructing audio and online video messages prolonged following they disappeared from top secret chats.

This is not the 1st time illustrations or photos, and multimedia files sent through messaging providers have been weaponized to carry out nefarious attacks.

In March 2017, researchers from Look at Issue Analysis unveiled a new form of attack from web variations of Telegram and WhatsApp, which associated sending users seemingly innocuous graphic files made up of destructive code that, when opened, could have authorized an adversary to get above users’ accounts on any browser fully, and obtain victims’ individual and group conversations, pictures, films, and get in touch with lists.

Observed this post attention-grabbing? Adhere to THN on Fb, Twitter  and LinkedIn to study additional exclusive content we article.


Some parts of this write-up are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Mercedes Issues eCall Recall

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Recent Posts

  • A Sticker Sent On Telegram Could Have Exposed Your Secret Chats
  • Mercedes Issues eCall Recall
  • UK’s Top Cyber Schools Revealed
  • IRS Warns of EFIN Scam
  • Post Office Announces New Digital ID Solutions
  • SBRC Adds Ransomware Scenario to Security Training Program
  • Duo Charged with Multimillion-Dollar Dark Web Drugs Scheme
  • Microsoft: ‘More than 1,000 engineers’ executed SolarWinds attack
  • Apple will proxy Safe Browsing requests to hide iOS users’ IP from Google
  • Yandex Insider Breach Hits Nearly 5000 Inboxes

Copyright © TheCyberSecurity.News, All Rights Reserved.