Telegram users have been warned of a new hack that could expose their personal data to cybercriminals.
Cybersecurity company Check Point has discovered the vulnerability of the hugely successful cross-platform messaging app.
The serious security breach could allow cybercriminals to access users’ personal data, including photos, audio messages, contact information, and videos, all within seconds.
Worse, the simple hack could be done in the background without the user ever knowing that it had been hacked.
According to security firm Check Point, the hack could be executed by sending a single fake image to Telegram users.
At first glance, the photo might seem innocent enough – however, hackers were able to use the photo to hide a piece of malicious code that exploited the vulnerability of the messaging app.
Once the image is downloaded, the code could infiltrate the computers of Telegram users.
This would grant hackers full access to the Telegram account.
The hack worked thanks to the end-to-end encryption used by Telegram.
Since all messages were encrypted on the sender’s side, Telegram was blind to the content of the text or image – and therefore could not prevent malicious content.
Telegram and WhatsApp were both affected by the same flaw, Check Point revealed.
Fortunately, the cybersecurity company notified the two messaging apps earlier this month, giving them time to correct the issue.
âThis new vulnerability puts hundreds of millions of WhatsApp Web and Telegram Web users at risk of having their account taken completely,â said Oded Vanunu, product vulnerability research manager at Check Point.
âBy simply sending an innocent-looking photo, an attacked person could take control of the account, access the message history, any photos that have ever been shared, and send messages on behalf of the user.
âFortunately, WhatsApp and Telegram have responded quickly and responsibly to deploy mitigation against exploitation of this issue in all web clients.â
WhatsApp and Telegram users should restart their browser immediately to avoid being targeted by the scam.
Once this is done, Messenger users should be protected against hacking.
This latest update comes as WhatsApp looks set to announce new features for its hugely popular smartphone app.
One of the features currently being beta tested is the addition of a landscape mode.
The code for a landscape has been hidden in the latest beta of the software on iOS.
Screenshots of the landscape layout were tweeted by the trusted WABetaInfo account, although beta testers won’t find the new feature enabled in the latest update.
As the feature is included in the latest beta, it’s not hard to imagine the new layout rolling out to users in the weeks and months to come.