Telegramβs security vulnerability allows IP address exfiltration through malicious proxy links, posing a risk to user anonymity. The platform plans to add warnings for proxy links to enhance user security. #Telegram #ProxyVulnerability
Keypoints
- Telegramβs client attempts to verify proxy server reachability, which can expose user IP addresses.
- Malicious links disguised as benign URLs can trigger automatic verification, revealing user identities.
- This vulnerability affects Telegram on both Android and iOS devices.
- The issue is similar to classic NTLM hash exfiltration attacks, where network requests are made without user awareness.
- Telegram plans to implement warning prompts to alert users before clicking proxy-related links.
Read More: https://securityonline.info/the-anonymity-trap-new-telegram-flaw-leaks-real-ips-via-proxy-links/