A serious security risk has been found in Telegram’s desktop app by the crypto security firm Certik. They’ve discovered what’s called a Remote Code Execution flaw. It opens up a way of crafting special media files, like photos or videos, to take over a user’s system.
Advertisement
To stay safe, it’s important to stop Telegram from automatically downloading media. Here’s how to do it:
Disable auto-downloads in Telegram, open the app settings, select ‘Advanced’, and then turn off the auto-download feature for photos, videos, and files for all chat types.
If you store cryptocurrencies or different digital assets, you should immediately take action. Hackers could use this weakness to get into your OS and from there, they could access your crypto wallets.Β
After some malicious code is executed, your funds are at direct risk. Unfortunately, after some code is executed the only way to gain back control over the system would be the usage of a backup. Any executable might get through the media files, causing serious losses. Such files are most likely to appear in public chats related to crypto and finances.
There’s been no word from Telegram about this problem yet. But it’s important to know that the issue is with the Telegram desktop application, particularly on systems like Windows. On mobile devices, there are no reports about this vulnerability, due to the fact that executable code works differently on desktop operational systems and mobile.
Not fixing this vulnerability could open the door for hackers to insert malicious code that targets crypto wallets. They could send a disguised image or video, which when downloaded, could give them a way into your system. And if you’re using Telegram to receive updates or share information about your crypto dealings, this could put you at a higher risk.