Telegram Exposed: Default IP Addresses of Users Leaked

Buzz

Content

Telegram Exposes Default IP Addresses of Users

Telegram Messenger, known for its secure messaging and encryption capabilities, has recently come under scrutiny. Researcher Dhiraj has uncovered a startling revelation: Telegram exposes users' default IP addresses during calls.

The default settings within Telegram are to blame for this IP address leak. Calls made through the app utilize a Peer-to-Peer (P2P) network. When initiating P2P calls, users' IP addresses are displayed in the Telegram console log. However, not all versions of the app feature this console log. Specifically, Windows versions do not display the log, whereas Linux versions do.

Reference: Telegram Rolls Out Major App Updates for Android and iOS

Telegram Exposes Default IP Addresses of Users

According to the company, users can prevent IP address leaks by accessing Settings =>

Privacy and Security => Voice calls => changing Peer-To-Peer to Never or Nobody. This will route user calls through Telegram servers, hiding their IP addresses. However, it may degrade call quality.

The issue lies in the inability of users to disable P2P calls on mobile platforms like Android and iOS. Researcher Dhiraj found that official Telegram versions for desktop and Windows lack the option to disable P2P calls.

This means that users' IP addresses are susceptible to leakage whenever they use Telegram for calls. Here's a specific example of IP address leakage in the Telegram console for Ubuntu.

In a video demonstrating IP address leakage, researcher Dhiraj stated:

'In the video I shared, the Proof of Concept (PoC) includes 3 leaked IP addresses: Telegram server IP, my personal IP, and end user IP.

With Telegram's acknowledgment of missing settings in Telegram Desktop for Windows, Dhiraj received a €2,000 reward and his report was assigned CVE-2018-17780 ID.

The issue has been addressed in Telegram Desktop version 1.3.17 beta and version 1.4.0, with the company adding an option to disable P2P calls.

Currently, there are numerous methods to check your computer's IP address. You can use CMD commands or online services to fulfill your work or gaming needs.

To download the latest version of Telegram for Desktop and install it, visit here: Download Telegram

You can also use Telegram on your mobile device here:

- Download Telegram for Android
- Download Telegram for iPhone

Warning: There is currently a surge in fake websites attempting to deceive users. Therefore, we must exercise caution while browsing the web to ensure the safety of personal information and avoid potential damage to stored data on our computers.

Frequently Asked Questions

What are the security concerns regarding Telegram's default settings?

Telegram's default settings can expose users' IP addresses during calls due to its Peer-to-Peer (P2P) network. This vulnerability has been noted in the console log, especially in Linux versions of the app, revealing users' IPs when calls are made.

How can users prevent IP address leaks while using Telegram?

To prevent IP address leaks on Telegram, users should navigate to Settings, then Privacy and Security, and adjust Voice Calls settings to change Peer-To-Peer to 'Never' or 'Nobody.' This reroutes calls through Telegram's servers, concealing the user's IP address.

Is it possible to disable P2P calls on all Telegram versions?

No, users cannot disable P2P calls on mobile platforms like Android and iOS, nor in the official desktop version for Windows, making IP addresses vulnerable during calls made through the app.

What updates has Telegram made to address the IP address leak issue?

Telegram has addressed the IP address leak issue by adding the option to disable P2P calls in the Desktop version, specifically in versions 1.3.17 beta and 1.4.0, following the discovery by researcher Dhiraj.

Mytour's content is for customer care and travel encouragement only, and we are not responsible.

For errors or inappropriate content, please contact us at: [email protected]