|
|
Telegram feature exposes your precise address to hackers - TechAmok
Telegram feature exposes your precise address to hackers - [security]
03:31 PM EST - Jan,09 2021 - post a comment If you're using an Android device-or in some cases an iPhone-the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it. The problem stems from a feature called People Nearby. By default, it's turned off. When users enable it, their geographic distance is shown to other people who have it turned on and are in (or are spoofing) the same geographic region. When People Nearby is used as designed, it's a useful feature with few if any privacy concerns. After all, a notification that someone is 1 kilometer or 600 meters away still leaves stalkers guessing where, precisely, you are.
Independent researcher Ahmed Hassan, however, has shown how the feature can be abused to divulge exactly where you are. Using readily available software and a rooted Android device, he's able to spoof the location his device reports to Telegram servers. By using just three different locations and measuring the corresponding distance reported by People Nearby, he is able to pinpoint a user's precise location. Telegram lets users create local groups within a geographical area. Hassan said that scammers often spoof their location to crash such groups and then peddle fake bitcoin investments, hacking tools, stolen social security numbers, and other scams.
"Most users don't understand they are sharing their location, and perhaps their home address," Hassan wrote in an email. "If a female used that feature to chat with a local group, she can be stalked by unwanted users."
A proof-of-concept video the researcher sent to Telegram showed how he could discern the address of a People Nearby user when he used a free GPS spoofing app to make his phone report just three different locations. He then drew a circle around each of the three locations with a radius of the distance reported by Telegram. The user's precise location was where all three intersected.
In a blog post, Hassan included an email from Telegram in response to the report he had sent them. It noted that People Nearby isn't enabled by default and that "it's expected that determining the exact location is possible under certain conditions." Telegram representatives didn't respond to an email seeking comment. |
|
Short overview of recent news articles |
|
20 TOP ALIEXPRESS products for BLACK FRIDAY (Nov,29 2025 ) Stop Wasting Money on Premium Monitors (Nov,26 2025 ) The Blackest Friday - Tech News Nov 23 (Nov,23 2025 ) T-Roc: Will this new VW be the best car of 2026? (Nov,23 2025 ) Can I build my own Steam Machine? (Nov,23 2025 ) 50 NEXT-LEVEL Gadgets Every Man NEEDS to See (Nov,22 2025 ) RETURN TO SILENT HILL Trailer (2026) (Nov,22 2025 ) I was WRONG about the Porsche 911 GT3 (or was I?) (Nov,20 2025 ) Pi GPT Tool Turns Raspberry Pi into a ChatGPT-Powered Smart Device (Nov,20 2025 ) Rainbow Six Siege X - Official 'Team Rainbow's Last Mission' (Nov,17 2025 ) Stranger Things Seasons 1-4 Recap (Nov,17 2025 ) Kill Bill: The Whole Bloody Affair - Official Trailer (2025) Uma (Nov,16 2025 ) The Devil Wears Prada 2 - Official Teaser Trailer (2026) Meryl (Nov,15 2025 ) Valve’s New Console and Controller - STEAM Machine & STEAM (Nov,15 2025 ) Valve Steam Machine, Desktop SteamOS, Steam Frame VR, & Controller | (Nov,15 2025 ) Battlefield REDSEC - Official Live-Action Trailer (Nov,01 2025 ) What's the Best PC Upgrade (besides CPU/GPU)? (Nov,01 2025 ) Directive 8020 - RTX On Trailer (Oct,31 2025 ) Stranger Things 5 - Official Trailer (Oct,30 2025 ) AMD Releases Software Adrenalin Edition 25.10.2 WHQL Drivers (Oct,29 2025 ) Exploding AMD CPUs | Investigating ASRock's Murderboards (Oct,29 2025 ) Setting Up Our First Huge Gaming Event was CHAOS (Oct,29 2025 ) Malware of the Future: What an infected system looks like in 2025 (Oct,27 2025 ) F1: Race Highlights | 2025 Mexico City Grand Prix (Oct,27 2025 ) F1: Qualifying Highlights | 2025 Mexico City Grand Prix (Oct,26 2025 ) New Big Windows 11 25H2 October Update - New Taskbar Battery Icons (Oct,25 2025 ) Apple Prepping 'Transfer to Android' Feature, Including 3rd-Party (Oct,25 2025 ) HW News - RIP Internet, RAM Prices Skyrocket from AI Demand, Intel (Oct,24 2025 ) Retro Gaming PC Upgrades go WRONG! (Oct,21 2025 ) How social media has ruined us - the more time you spend online, the (Oct,21 2025 ) FERRARI 12 CILINDRI // 340KMH REVIEW on AUTOBAHN (Oct,20 2025 ) ROG Xbox Ally X - a PC Gamer's Perspective (Oct,20 2025 ) Race Highlights | 2025 United States Grand Prix (Oct,20 2025 ) RedMagic Puts Liquid Cooling in its New Gaming Phone (Oct,18 2025 ) Russia Says U.S. Is Planning a $37 Trillion Crypto Reset (Oct,18 2025 ) Tor Browser says no to Firefox's AI features as it removes them (Oct,18 2025 ) NVIDIA GeForce 581.57 WHQL Driver (Oct,14 2025 ) Samsung One UI 8.5 vs iOS 26 - COMPARISON (Oct,13 2025 ) Google Turned Down by Supreme Court, Must Open up App Payments (Oct,12 2025 ) AMD releases new 25.10.1 preview graphics driver with Battlefield 6 (Oct,10 2025 ) MERCY Official Trailer (2026) Chris Pratt (Oct,10 2025 ) Galaxy S26 Ultra - Samsung, Please Don't Copy This (Oct,07 2025 ) Canada's Las Vegas Sphere is here - and I game on it (Oct,06 2025 ) Predator: Badlands - Official Final Trailer (2025) (Oct,06 2025 ) Chasing a Gaming World Record (Oct,04 2025 ) Frankenstein - Official Trailer (2025) Guillermo del Toro, Oscar (Oct,02 2025 ) iPhone 17 Pro Max vs 16 Pro Max / Pixel 10 Pro XL / Galaxy S25 Ultra (Oct,02 2025 ) iOS 26.0.1 is Out! - What's New? (Sep,30 2025 ) NEW! 2026 Audi Q3 2.0 TFSI (265hp) vs. e-hybrid (272hp)| 0-100 km/h (Sep,30 2025 ) Samsung One UI 8.5 Hands on - I Was Wrong (Sep,29 2025 )
>> News Archive <<
| |
|
