A Fourth Estate® Service

Wednesday, January 27, 2021

Telegram Messenger Exploit Leaks User Exact Location

A security researcher reported that the People Nearby allows others to find the exact location and see the profiles of other users.

Security researcher Ahmed Hassan reported that the People Nearby allows others to find the exact location and see the profiles of other users.

According to Hassan’s blog, Ahmed’s Notes, the feature allows sending private messages to other nearby users but also reveals the personal details of those who choose to make themselves visible and provide their distance. 

“If someone spoofs their latitude, longitude, they can triangulate a user and find their location. It is so easy to perform an orchestrated attack on neighbors (more generally, all people within reach),” warned Hassam.

Hassam added that since nearby users could create geographical groups, scammers often spoof their location to join them in order to sell fake bitcoin investments, hacking tools, stolen social security numbers, and other scams.

Ahmed reportedly contacted Telegram regarding the issue but the company replied that there is no issue with the feature and that it is turned off by default.

Telegram added that the feature is not included in their bug bounty program.

Article © 2021 Fourth Estate® — All rights reserved.
This material may not be published, broadcast, rewritten or redistributed.

Recent Articles

Global Tally of COVID-19 Cases Surpass 100 Million

The total number of COVID-19 cases worldwide has surpassed 100 million on Jan. 26, according to data from Johns Hopkins University (JHU), amid the...

U.S. Senate Confirms Antony Blinken as Secretary of State

Antony Blinken has been confirmed by the Senate as the next Secretary of State.The confirmation vote had a final tally of 78-22 with the...

UK Offers Financial Incentives to EU Citizens Under ‘Voluntary Return’

The United Kingdom is now offering financial assistance to EU citizens, who want to leave for their home country. Under the ‘voluntary return’ the...

Iran Blocks Signal Messaging App

The Iranian government blocked Signal after local users migrated to the messaging platform following privacy concerns from WhatsApp. The Observatory of Network Interference (OONI) first...

Norwegian Watchdog Slaps Grindr with $11.7 Million Fine for Violating Data Privacy

The Norwegian Data Protection Authority (DPA) announced on Tuesday that it has fined dating app Grindr 100 million Norwegian crowns ($11.7 million) for illegally...

Get the Daily NewsBrief in your inbox

Related Stories