See More

Potential Vulnerability in Telegram Raises Concerns

2 mins
Updated by Bary Rahma
Join our Trading Community on Telegram

In Brief

  • CertiK has raised concerns about a potential vulnerability in Telegram's Desktop application.
  • Despite Telegram's initial dismissal of the claims, CertiK demonstrated an RCE attack on the app.
  • Telegram is a widely used platform known for its crypto-friendly environment and news features.
  • promo

Blockchain security firm CertiK has issued a cautionary notice regarding a possible vulnerability detected in Telegram’s Desktop applications. This raises concerns over users’ potential exposure to malicious attacks.

However, Telegram, known for its crypto-friendly messaging platform, has refuted these claims, asserting that such a vulnerability is absent within its system.

Alleged Vulnerability on Telegram

Certik claimed that Telegram’s desktop application, specifically its media processing functionality, contained a significant Remote Code Execution (RCE) vulnerability. It allegedly exposes users to attacks through media files like images or videos.

The firm specified that the vulnerability affects only desktop apps that execute programs contained within files. However, the mobile application remains unaffected.

Telegram swiftly responded to CertiK’s claims, stating that it could not verify the vulnerability and suggesting it could be misinformation. However, CertiK demonstrated an RCE attack on Telegram’s latest Windows desktop version, reinforcing its initial claim. Consequently, it advised users to exercise caution until a complete resolution is reached.

CertiK recommends users review their Telegram settings and deactivate the auto-download feature to mitigate the vulnerability. Still, Telegram has since addressed CertiK’s renewed disclosure, citing a recent server-side fix for a similar issue. The firm clarified that the resolved vulnerability required specific user interactions and advanced conditions.

“Certik posted this after we notified them about a server-side fix for an issue which was similar to the one they initially hinted at (but required user interaction; required the user to have Python installed; and could not be triggered by automatic downloads),” Telegram said.

Telegram is a widely used messenger platform recognized for its cryptocurrency-friendly environment. The application enables users to communicate, exchange files, and conduct cryptocurrency transactions, including Bitcoin, through its custodial wallet solution.

Read more: Top 9 Telegram Channels for Crypto Signals in April 2024

Recently, Telegram began permitting users to buy advertisements using Toncoin (TON) and introduced a revenue-sharing program to reward channel owners.

Top crypto projects in the US | May 2024



In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Oluwapelumi Adejumo
Oluwapelumi believes Bitcoin and blockchain technology have the potential to change the world for the better. He is an avid reader and began writing about crypto in 2020.