|
|
Telegram feature exposes your precise address to hackers - TechAmok
Telegram feature exposes your precise address to hackers - [security]
03:31 PM EST - Jan,09 2021 - post a comment If you're using an Android device-or in some cases an iPhone-the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it. The problem stems from a feature called People Nearby. By default, it's turned off. When users enable it, their geographic distance is shown to other people who have it turned on and are in (or are spoofing) the same geographic region. When People Nearby is used as designed, it's a useful feature with few if any privacy concerns. After all, a notification that someone is 1 kilometer or 600 meters away still leaves stalkers guessing where, precisely, you are.
Independent researcher Ahmed Hassan, however, has shown how the feature can be abused to divulge exactly where you are. Using readily available software and a rooted Android device, he's able to spoof the location his device reports to Telegram servers. By using just three different locations and measuring the corresponding distance reported by People Nearby, he is able to pinpoint a user's precise location. Telegram lets users create local groups within a geographical area. Hassan said that scammers often spoof their location to crash such groups and then peddle fake bitcoin investments, hacking tools, stolen social security numbers, and other scams.
"Most users don't understand they are sharing their location, and perhaps their home address," Hassan wrote in an email. "If a female used that feature to chat with a local group, she can be stalked by unwanted users."
A proof-of-concept video the researcher sent to Telegram showed how he could discern the address of a People Nearby user when he used a free GPS spoofing app to make his phone report just three different locations. He then drew a circle around each of the three locations with a radius of the distance reported by Telegram. The user's precise location was where all three intersected.
In a blog post, Hassan included an email from Telegram in response to the report he had sent them. It noted that People Nearby isn't enabled by default and that "it's expected that determining the exact location is possible under certain conditions." Telegram representatives didn't respond to an email seeking comment. |
|
Short overview of recent news articles |
|
WhatsApp Goes Beyond 2FA: Extra Password Layer Makes Accounts Nearly (Feb,24 2026 ) Google Chrome Gets February 23 Security Boost with 3 High Fixes (Feb,24 2026 ) Stargate Stalls: OpenAI's $500B Dream Hits Roadblocks as $14B 2026 (Feb,23 2026 ) Google Crushes Cyber Threats: Blocks 1.75 Million Bad Apps and Bans (Feb,23 2026 ) Bitcoin Miner Bitdeer Sells Everything: Treasury Hits Zero in AI (Feb,22 2026 ) HW News - More Valve RAM Shortages, Tariffs Ruling, AI Causes PS6 (Feb,22 2026 ) Microsoft's Deep Integration of Copilot in Windows 11 Raises (Feb,22 2026 ) Elon Musk Confirms X Money Now Live in Internal Beta for Employees, (Feb,22 2026 ) Scream (1996) Flashback Review (Feb,22 2026 ) PayPal Confirms Major Breach: SSNs, Emails, and More Exposed from (Feb,22 2026 ) Does Freezing Help Delidding? 9850X3D Delid & Overclocking Test (Feb,22 2026 ) Microsoft is phasing out the custom primary password feature in its (Feb,22 2026 ) Everyone is Buying the Wrong Dash Cam! (2026) (Feb,21 2026 ) Big Brother on Discord: Leaked Code Shows Age Verification Runs You (Feb,20 2026 ) OpenClaw’s Top Skill is a Malware that Stole SSH Keys and Opened (Feb,19 2026 ) Google Adds Satellite SOS to its Affordable Pixel Phone (Feb,19 2026 ) Phison CEO Warns: AI-Driven NAND and DRAM Shortage Could Bankrupt (Feb,19 2026 ) NVIDIA CEO hypes up GTC 2026, promises to unveil a chip that will (Feb,19 2026 ) Microsoft is uploading your confidential emails to Copilot for (Feb,19 2026 ) Anthropic Releases Claude Sonnet 4.6 with Improved Coding, Computer (Feb,18 2026 ) Apple Eyeing A Partnership With Chinese Memory Makers YMTC And CXMT (Feb,17 2026 ) This $60,000 TV was IRRESISTIBLE (Feb,17 2026 ) Keenadu Android Backdoor Infects Firmware, Spreads via Google Play (Feb,17 2026 ) Discord's ID Check Nightmare Sparks Massive Exodus to TeamSpeak (Feb,17 2026 ) Amazing Robot Performance at the 2026 Spring Festival Gala (Feb,17 2026 ) Apple brings video podcasts and other improvements in iOS 26.4 beta (Feb,16 2026 ) Dutch Defence Secretary Boldly Claims F-35 Software Could Be (Feb,16 2026 ) Samsung shows off Galaxy S26 Ultra privacy display (Feb,16 2026 ) 60 Million Passwords Exposed? ETH Zurich Shatters 'Unbreakable' (Feb,16 2026 ) Apple MacBook with iPhone chip launches next month (Feb,15 2026 ) Discord's Disturbing Ties to Global Surveillance | ID Verification, (Feb,15 2026 ) 20 Mind-Blowing Tech Gadgets You MUST See in 2026! (Feb,15 2026 ) Western Digital's HDD production capacity for 2026 is fully sold (Feb,15 2026 ) Google Releases First Beta Version of Android 17 (Feb,14 2026 ) The Audiophile Gaming Headset - HIFIMAN x ROG Kithara (Feb,14 2026 ) 7zip Malware: Beware 7zip.com (Feb,14 2026 ) REDMAGIC 11 Pro Review: Can This Be Your ONLY Phone? (Feb,14 2026 ) Google Docs now has AI-generated audio summaries (Feb,13 2026 ) Apple Patches Actively Exploited Zero-Day Vulnerability Across (Feb,13 2026 ) What is the Windows.old folder and can I delete it? (Feb,13 2026 ) Microsoft AI CEO Mustafa Suleyman: 'Most White Collar Work Will Be (Feb,12 2026 ) Helldivers Movie Lands November 2027 Release, Jason Momoa to Star (Feb,12 2026 ) Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack (Feb,12 2026 ) Apple releases iOS 26.3 and iPadOS 26.3 to the public (Feb,11 2026 ) T-Mobile Announces Live Audio Language Translation as a Network (Feb,11 2026 ) Windows 11 26H1 Drops Exclusively on New Snapdragon X2 Devices - No (Feb,10 2026 ) Fake 7-Zip downloads are turning home PCs into proxy nodes (Feb,10 2026 ) Microsoft Patch Tuesday February 2026 - 54 Vulnerabilities Fixed, (Feb,10 2026 ) Snapdragon X2 Elite Early - Performance Preview (Feb,10 2026 ) AI Chat App Exposes 300 Million Messages from 25 Million Users (Feb,10 2026 )
>> News Archive <<
| |
|
