Security and audit services provider in the crypto and Blockchain field, CertiK, reported detecting a significant security vulnerability on the popular messaging platform Telegram, which holds an important place in the Bitcoin (BTC) and altcoin world. The security flaw poses a significant risk for remote code execution (RCE) and potential malicious attacks through media files.
Details of the Security Flaw
The security vulnerability detected in Telegram affects the media processing feature within the Telegram Desktop application. Exploiting this security flaw could allow hackers to run arbitrary code on users’ devices, potentially leading to unauthorized access, data theft, or other malicious activities.
The identified security flaw highlights the importance of taking security measures to protect digital communication against potential threats. Hackers could exploit vulnerabilities in Telegram’s media processing to infiltrate users’ devices, compromising their security and privacy.
As a result, CertiK emphasized the need for users to review their settings on Telegram and urgently make the necessary adjustments to enhance their account and device security and reduce the risk of hacking.
Disabling the Auto-Download Feature is Necessary
To close the security gap identified by CertiK and strengthen security options, users need to immediately take action by disabling the auto-download feature in the Telegram application. This can be done by going to the “Advanced” section in the Settings menu of Telegram and disabling the auto-download option for photos, videos, and files for all types of chats, including private chats, groups, and channels.
By making this adjustment, users can significantly reduce their exposure to potential security risks, ensure the overall security of their Telegram accounts, and the devices on which the application is installed. Avoiding the automatic download of media files can help reduce the risk of inadvertently executing malicious code or falling victim to hacking attacks.
