By
Steve Muchoki
April 23rd, 2024
Telegram has implemented various security features to enhance user privacy and data protection.
Popular messaging app Telegram has addressed a recent camera and security exploit that could allow attackers to gain control of a macOS device’s camera. A spokesperson for Telegram Remi Vaughn mentioned that Telegram users are not at risk by default because the exploit requires malware to be installed on the system.
Notably, Software engineer Dan Revah drew attention to this exploit in a blog post on May 15. In the post, Revah claimed to have gained local privilege escalation beyond what was previously provided to the installed Telegram program, allowing macOS users’ webcams to be attacked.
According to the Software Engineer, exploitation of this vulnerability allows the recording and saving of files from the device’s camera by injecting a dynamic library into the user’s system. Revah also claims the exploit allows attackers to bypass the device’s sandbox using launch agents.
In his opinion, an attacker might possibly get more system rights by gaining access to restricted privacy zones. However, Vaughn revealed that Telegram made the improvements that were accepted by the Apple App Store in late May. “Users who downloaded the Telegram app directly from the messaging app’s website are not at risk,” he noted.
Notably, the steady increase in cyber-attacks observed in the Blockchain ecosystem may have raised concerns for Revah. Over the years, the industry has seen continued growth in cyberattack rates, causing people to worry about security levels with each new blockchain breakthrough.
Meanwhile, crypto attacks have resulted in losses of at least $721 million in Japan alone, accounting for more than 30% of the more than $2.3 billion lost in cryptocurrency hacks worldwide.
Telegram Makes Efforts towards Increasing Security Features
Telegram has implemented various security features to enhance user privacy and data protection. In December, the messaging app released a new version that allows users to create accounts using blockchain-based anonymous numbers instead of mobile phone numbers.
Through the upgrade, users will be allowed to hide numbers from everyone, which is sure to gratify those who value privacy-focused services. To take advantage of this feature, users will need to purchase a blockchain-based anonymous number from the decentralized auction platform Fragment.
Additionally, Telegram has a bug bounty program that encourages security researchers to submit any vulnerabilities or security issues they find. This program encourages responsible vulnerability disclosure and aids Telegram in improving its security architecture.
Furthermore, Telegram’s founder Pavel Durov has also suggested that the platform would build a variety of decentralized tools and services following the collapse of Sam Bankman Fried‘s FTX cryptocurrency exchange.
Remarkably, the platform has reached 700 million active users, a significant milestone that marks the growing popularity of free social media apps. The platform claims the milestone was driven by personal recommendations since it does not have an ad campaign to promote its app.