Dhiraj Mishra, a security expert from Mumbai, India, found a specific condition that exposed users’ IP addresses from Telegram desktop clients, Mac and Linux.
Although the program describes itself as a secure and private messaging application, the researcher demonstrated that in its default configuration it would allow a user’s IP address to be leaked when making a call.
The IP address leak is only possible when a voice call is initiated. This occurs when the P2P connection option is set to “Nobody”. A peer-to-peer connection isn’t private by design, as it directly exposes the two participants to each other.
When a Telegram conversation is initiated, the IP address of the other person is shown in the Telegram console logs. Not all versions include a console log. For instance, Windows does not show a console log in their tests, while the Linux version does.
The Telegram application indicates that users can keep their IP address from being disclosed by changing the setting. Doing so routes the user’s calls through Telegram’s servers, which hides the IP address at the expense of a slight reduction in sound quality.
Dhiraj has shared a proof-of-concept (PoC) that showed how the IP addresses were leaked. Three “types” of IPs were exposed, namely:
- Telegram server IP (That’s Ok)
- Your own IP (Even that’s okay too)
- End user IP (That’s not okay)
Since its disclosure the issue has been a matter of deep concern. Telegram patched it with the release of Telegram for Desktop v1.4.0 and v1.3.17 beta.
Telegram users should update their Telegram app as soon as possible.
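For teams that track installed software, the fixed releases named above can be turned into an inventory check. The following is an added example, not code from Telegram or from the researcher; the host names and version strings are constructed, and treating a non-beta build below 1.4.0 as unpatched is an assumption drawn from the two fixed releases the article lists.

```python
import re

# Fixed releases named in the article: v1.4.0 (stable) and v1.3.17 beta.
FIXED_STABLE = (1, 4, 0)
FIXED_BETA = (1, 3, 17)

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:[ -]?(beta))?$", re.IGNORECASE)


def parse_version(text):
    """Return ((major, minor, patch), is_beta), or None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    numbers = tuple(int(g) for g in m.group(1, 2, 3))
    return numbers, m.group(4) is not None


def is_patched(text):
    """True or False for a parseable version, None when it cannot be judged."""
    parsed = parse_version(text)
    if parsed is None:
        return None
    numbers, is_beta = parsed
    if numbers >= FIXED_STABLE:
        return True
    # Assumption: below 1.4.0 only the beta channel carries the fix.
    return is_beta and numbers >= FIXED_BETA


def audit(inventory):
    """Split {host: version_string} into patched, vulnerable and unknown."""
    report = {"patched": [], "vulnerable": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        verdict = is_patched(version)
        key = "unknown" if verdict is None else ("patched" if verdict else "vulnerable")
        report[key].append(host)
    return report


# Constructed sample inventory (host names and versions are made up).
SAMPLE = {
    "laptop-01": "1.3.14",
    "laptop-02": "v1.4.0",
    "laptop-03": "1.3.17 beta",
    "laptop-04": "1.3.16 beta",
    "laptop-05": "unknown build",
}
```

Hosts reported as `unknown` need a manual look rather than being counted as safe.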
Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the computer security blog seguranca-informatica.pt.
In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also a freelance writer (Infosec. Resources Institute and Cyber Defense Magazine) and developer of 0xSI_f33d, a feed that compiles phishing and malware campaigns targeting Portuguese citizens.