Esearchers find our problems in elegram’s cloud
A group of archers at the Royal Hollouniversity of London, have d four critical flaws in popmessaging app Telegram. he platform has often ed security as a key reason sers coming to it. However, e Telegram offers one of the t preferred end-to-end ypted (E2EE) apps through ture called secret chats, it offers regular cloud chats are not encrypted. EE offers users protection
man-in-the-middle TM) attacks, where an cker places themselves een the sender or receiver message and the cloud er that routes that message. E ensures that even a serprovider such as Whatsapp elegram won’t be able to messages that users send, h also means that they canrovide the content of those sages to governments, law rcement agencies, or othlegram
for the platform and its users, but would require a significant amount of work by the attacker. That means that such an attack will be carried out by a significantly motivated attacker such as nation-state backed hacker groups.
This, along with two other flaws, have all been fixed by Telegram, the platform said in a blog post on July 16. “The latest versions of official Telegram apps already contain the changes that make the four observations made by the researchers no longer relevant,” the platform wrote.
Interestingly, while Telegram claimed that the vulnerabilities didn’t allow attackers to decipher text messages, that may not be completely true. The researchers noted that one of the flaws allowed an MITM attack which would allow an attacker to “impersonate” Telegram’s servers and hence “break both the confidentiality and integrity of communication.
On Friday, an international team of computer scientists reported on Friday that they found four cryptographic vulnerabilities in the popular