Blockchain Security Firm Insists on Telegram Vulnerability

Although Telegram disputes CertiK Alert’s claim, the security firm stands by its belief that a vulnerability exists on Telegram’s platform. CertiK advises taking precautions until it has finished a thorough investigation.

On Wednesday, CertiK issued a caution to the public about potential security issues with Telegram. However, Telegram responded by denying the allegations and claiming the report was inaccurate.

On Friday, CertiK stated in a tweet that it would not back down and that, after further probing, it considers the risk authentic. Subsequently, Telegram requested that CertiK remove its initial cautionary message over the accuracy of the data.

Based on our findings, the risk is valid. It would be prudent for users to exercise caution until the situation is fully resolved.

— CertiK Alert (@CertiKAlert) April 12, 2024

The information leak is said to involve Telegram’s automatic media downloading button. This matters because the feature could be abused.

One instance reported by CertiK involved a Remote Code Execution (RCE) weakness, ranked as critical. This flaw might give an intruder control over user accounts, enabling them to manipulate data or execute harmful software.

Cybercriminals can maliciously manipulate media files like images and videos during transmission. Consequently, these files might automatically start downloading on users’ devices without their approval.

To enhance security, consider disabling app downloads, enabling multi-factor authentication, and using robust passwords.

2024-04-13 00:04