|
Telegram feature exposes your precise address to hackers - TechAmok
Telegram feature exposes your precise address to hackers - [security] 03:31 PM EST - Jan,09 2021 - post a comment If you're using an Android device-or in some cases an iPhone-the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it. The problem stems from a feature called People Nearby. By default, it's turned off. When users enable it, their geographic distance is shown to other people who have it turned on and are in (or are spoofing) the same geographic region. When People Nearby is used as designed, it's a useful feature with few if any privacy concerns. After all, a notification that someone is 1 kilometer or 600 meters away still leaves stalkers guessing where, precisely, you are.
Independent researcher Ahmed Hassan, however, has shown how the feature can be abused to divulge exactly where you are. Using readily available software and a rooted Android device, he's able to spoof the location his device reports to Telegram servers. By using just three different locations and measuring the corresponding distance reported by People Nearby, he is able to pinpoint a user's precise location. Telegram lets users create local groups within a geographical area. Hassan said that scammers often spoof their location to crash such groups and then peddle fake bitcoin investments, hacking tools, stolen social security numbers, and other scams.
"Most users don't understand they are sharing their location, and perhaps their home address," Hassan wrote in an email. "If a female used that feature to chat with a local group, she can be stalked by unwanted users."
A proof-of-concept video the researcher sent to Telegram showed how he could discern the address of a People Nearby user when he used a free GPS spoofing app to make his phone report just three different locations. He then drew a circle around each of the three locations with a radius of the distance reported by Telegram. The user's precise location was where all three intersected.
In a blog post, Hassan included an email from Telegram in response to the report he had sent them. It noted that People Nearby isn't enabled by default and that "it's expected that determining the exact location is possible under certain conditions." Telegram representatives didn't respond to an email seeking comment. |
|
Short overview of recent news articles |
First 9.1 GHz CPU (overclocked 14900KS) (Mar,19 2024 ) Haley Messick - Saatisfaction @bennybenassi - In10sive Mastercamp (Mar,18 2024 ) 1000W CPU: The Most Powerful Desktop Processor (Mar,18 2024 ) Expands Snapdragon 8 Series to Cover More Price Points (Mar,18 2024 ) Train Vs Lamborghini (Mar,17 2024 ) Don't use a Microsoft Account! (Mar,16 2024 ) This Ghillie Made from MIRRORS is SHOCKINGLY GOOD (Mar,16 2024 ) How Hackers Deliver Malware to Hack you using Social Media (Mar,16 2024 ) Call of Duty: Warzone Mobile - Launch Trailer (Mar,15 2024 ) Intel's 4th Attempt At Beating Ryzen - "New" 6.2GHz Core (Mar,14 2024 ) Asus Goes Big with Zenfone 11 Ultra (Mar,14 2024 ) House Passes Bill to Force Sale of TikTok (Mar,14 2024 ) Motorola Brings More Affordable 5G Phones to its 2024 Lineup (Mar,14 2024 ) Capristan Swim - Miami Swim Week | Art Basel Miami (Mar,14 2024 ) The Most Stunning All SSD NAS Ever? Inside QNAP's All-SSD (Mar,11 2024 ) M2 vs M3 MacBook Air - ULTIMATE Comparison! (Mar,11 2024 ) Risky PC Experiment: Direct CPU Water-Cooling! Can It Survive? (Mar,11 2024 ) SpaceX Falcon 9 rocket launches 23 Starlink satellites from (Mar,11 2024 ) I tried the Cheapest Arduino Alternative (that Nobody heard of) (Mar,10 2024 ) This is the WEIRDEST PC I've ever seen. (Mar,10 2024 ) Nvidia Retires GTX 16 Series, GDDR7 Arrives, FSR Upscaling Going AI? (Mar,10 2024 ) The New BIOS Hack That Bypasses Every Antivirus (Mar,09 2024 ) Microsoft says it hasn't been able to shake Russian state hackers (Mar,09 2024 ) iOS 17.4, Out Today, Brings Transcripts to Apple Podcasts (Mar,09 2024 ) Microsoft Kills Android-on-Windows (Mar,09 2024 ) Don't Make These Common PC Building Mistakes! (Mar,08 2024 ) Sydney Sweeney Gets Outcast By Her Hooters Co-Workers On 'SNL' (Mar,07 2024 ) How A Journalist Uncovered America's Secret Doomsday Bunkers (Mar,07 2024 ) Government Banning Hardware Wallets? (Mar,07 2024 ) Xiaomi 14 Ultra Full Review: I prefer to call it '13S Ultra' (Mar,07 2024 ) Windows Defender vs Ransomware 2024 (Mar,05 2024 ) I fixed this PCIe card with tape - I can't believe this worked... (Mar,04 2024 ) Auto Change IP Address in every 3 Seconds - 100% ANONYMOUS (Mar,03 2024 ) Liquid Cooling is Dead (Mar,03 2024 ) This AAA Hedera Powered Game Could EXPLODE HBAR'S VALUE (Mar,02 2024 ) Gaming on Starlink - 2024 Review and Tes (Mar,02 2024 ) World's Fastest Camera Drone Vs F1 Car (ft. Max Verstappen) (Mar,01 2024 ) Top 5 Best CPU Coolers 2024 (Feb,29 2024 ) Tangem vs Cypherock X1 Cold Wallet - Choose Wisely! (Feb,29 2024 ) The All China PC (Feb,29 2024 ) The NEW Legion 7i - A Game Changer (Feb,28 2024 ) First Look 2024: A new era of Samsung AI TV (Feb,28 2024 ) Tesla Model 3 (2024) - Crazy Cool Tech Features!!! (Feb,27 2024 ) The Terrible Simpsons Predictions for 2024 (Feb,26 2024 ) HW News - Intel Wants AMD's Chips, Cooler Master Sues Everyone (Feb,25 2024 ) It CAN be done - The Potato PC (Feb,25 2024 ) What's the best bang-for-the-buck gaming CPU right now? (Feb,25 2024 ) How to never accidentally run Malware: Must Have Windows Tweaks (Feb,25 2024 ) Black Tape Project Full Show / Miami Swim Week (Feb,25 2024 ) 3 USB things every Windows user must do right now! (Feb,24 2024 )
>> News Archive <<
| |
|