Thursday, June 16, 2016
Iranian Hackers Find Security Bug in Telegram
The Iranian Young Journalists Club (YJC) report that the popular messaging application Telegram has a security hole which has been exposed by Iranian white-hat hackers (ethical hackers). The vulnerability could cause smartphones to crash.
Telegram's security claims challenge anyone to try and undermine its security. Two Iranian hackers have discovered a security hole in Telegram, in which it is possible to send files much larger that the existing permitted limit (set at 4,096 bytes).
The Iranian hackers uploaded a video to prove their exploit. In the video, they say that there are two responses from a recipient's phone when Telegram messages larger than 4,096 bytes are sent. Firstly, the recipient's internet bandwidth is accordingly reduced in relation to the size of the message until it finishes and secondly, the receiving device runs out of memory and then the application crashes the smartphone.
The hackers stated that the sender does not need to be in your contacts so you may never know the true attacker if they are using an additional SIM card, for example.
Telegram is very popular with over 25 million users in Iran and its popularity is mainly due to many rival applications being subject to Iran's filtering restrictions.
Also, Iranians like Telegram because of the ability to create private or public "channels" and broadcast ideas through those.
However, can you really trust the encryption that Telegram uses, compared to applications like WhatsApp which use Signal standard end-to-end encryption? This article shows that maybe Iranians should think twice about using Telegram...
Subscribe to:
Post Comments (Atom)
-
Head of Iran Cyber Police (FATA) General Seyed Kamal Hadianfar asked for collective efforts by all world states to prevent the spread of...
-
Ashiyane Security Group (officially Ashiyane Information and Communication Technology Company) is one of the oldest cyber security group...
-
The Heartbleed bug is a serious vulnerability in the popular OpenSSL cryptographic software library and this weakness allows stealing t...
-
Web browsers generally allow users to send a "Do Not Track" signal that informs advertisers that the users do not want to be ...
-
Since my last post in October, there has been no confirmation of which group was behind the cyber-attack on Westminster, or the role of the ...
-
Funeral reception of Mohammad Hussein Tajik News of the assassination of an Iranian Cyber manager has recently been released. Mohammad H...
-
Are Iranian hackers involved in using the " Mamba " ransomware (or possibly be behind the ransomware)? It seems unclear but an...
-
JCPOA members The latest news from Vienna indicates that US position is that there will be no new nuclear arrangements until Iranian regime...
No comments:
Post a Comment