Have you ever clicked on a link in a Telegram conversation without thinking twice? This innocuous gesture could actually expose your real IP address to malicious third parties. How is this possible and what is Telegram doing to protect its users?
The 3 key points not to miss
- Security researchers have discovered that links on Telegram can reveal users’ IP addresses.
- The issue occurs when using proxy links that trigger direct network requests.
- Telegram plans to implement a warning to inform users of potential risks.
Understanding how proxies work on Telegram
Telegram uses a proprietary protocol named MTProto to encrypt exchanges and relay user traffic through intermediary servers. This mechanism is designed to bypass restrictions and protect users’ identities by masking their real IP addresses. However, using proxies via t.me/proxy links can compromise this protection.
When you click on a proxy link on Telegram, the app automatically tests the server’s availability by establishing an outgoing connection. This action then reveals your real IP address, a flaw that malicious actors can exploit.
Privacy and security risk
Malicious actors exploit this mechanism by creating relay servers under their control and hiding proxy links in seemingly innocuous conversations. When a user clicks on one of these links, their IP address is recorded on the malicious server, allowing them to approximately locate the person and prepare targeted attacks.
Telegram has been contacted about this issue and acknowledged that this situation is not unique to their service. Nevertheless, the company has decided to add a warning when opening proxy links to raise user awareness of the risks of redirection to third-party servers.
Protection measures for Telegram users
In response to this vulnerability, Telegram plans to introduce a warning for users before they open proxy links. However, this warning will not block test requests or the sending of the IP address to third-party servers.
To protect themselves, it is recommended to verify the real destination of any link before clicking, to spot references to t.me/proxy, and to avoid following proxy links from unknown sources. For the most vulnerable users, enabling a VPN could add an extra layer of security by masking the real IP address with that of the VPN server.
Background and history of Telegram
Telegram was founded in 2013 by Pavel Durov, also known for creating VKontakte, the most popular social network in Russia. The app quickly stood out by offering encrypted and secure messaging features, attracting millions of users worldwide. Telegram has often been at the center of debates on online privacy and security, notably due to its commitment to protecting user data from governments and other entities.
Despite criticism and controversies, Telegram continues to evolve and adapt to new threats. The company strives to constantly improve the security of its platform while offering innovative and practical features to its users. However, incidents like the proxy issue show that vigilance remains necessary to ensure a safe experience on the app.
