Messaging services are very delicate in that because of the massive use they are subjected to, users are generally exposed to several types of generality.
This is exactly the case with Telegram, the popular messaging app. A computer security specialist recently discovered a vulnerability that affected the application. If one of the arguments of the application is that it allows its users to communicate safely through the encryption of their data, it does not prevent that this security problem can be put in harm. In a way.
This article will also interest you: Hacking involving the propulsion of several nude photos of women on the messaging app Telegram
As a reminder it must mean that Telegram Messenger and an app that runs under the operating system iOS and Android. It allows, like WhatsApp, to exchange videos of photos and even text or audio messages. It uses what is called end-to-end encryption for trade security. Unfortunately, it would appear that a feature would allow hackers to accurately determine a user's geographic location. Indeed, when you use an Android smartphone, while activating the feature that allows your loved ones to connect to you when they are at a reasonable geographical distance, the cybercriminal can know exactly where you are. This is not typical only for Android smartphones. Some iPhones are also affected by this problem. The computer security specialist who discovered this security flaw says he has already notified Telegram officials, however they may have no intention of fixing the vulnerability.
Everything would be lm caused by the feature known as "People Nearby" in French "People nearby. By default, the feature is not active. However, users when active can see how far a person close to them is. In a way in terms of privacy the functionality poses no problem for me. However, it is very convenient for a person with harassment intentions, as he can know where exactly his victim is.
Contacted by the cybersecurity researcher named Ahmed Hassan, an independent in the sector, who sent them proof of vulnerability via video, the structure behind the messaging app responded: "Thank you for contacting us. Users in the "People Nearby" section intentionally share their location, and this feature is disabled by default. It is expected that it will be possible to determine the exact location under certain conditions. Unfortunately, this case is not covered by our bug premium program."
According to the independent researcher, he would have earned a bounty in when he discovered a similar security flaw on another famous messaging app, LINE. A feature that can also be found on this application. However in their case the problem has been solved.
How did the researcher operate? It's pretty simple. Indeed, he used software that is accessible to all interested people. Subsequently, it sent three false positions to the Telegram app server based on the approximate location of the target. Thanks to a smartphone that worked on Android, a phone rooted. Thanks to this process, he was able to determine almost precisely the position of the target user.
Another problem with location sharing via the Telegram app. The messaging service allows its users to create local groups based on location. And that's using the location. The researcher explains that these types of groups are quite vulnerable. Especially for people who unfortunately can't measure the impact of the problem.
"Most users don't understand that they share their location, and perhaps their personal address," the independent researcher wrote in his emailed statement. "If a woman uses this feature to chat with a local group, she can be tracked down by unwanted users."
The researcher did not release his video explaining the geolocation hack. However, he insists on being wary.
Now access an unlimited number of passwords: