top of page

IP Address Leak Found in Telegram’s Proxy System

  • Jan 13
  • 2 min read

Telegram often touts itself as a privacy-focused messaging platform. The messaging app claims it can help users enjoy anonymity, ensuring everyone’s privacy. Their strong focus on privacy caused problems when CEO Pavel Durov was arrested in France in 2024 and released after the company agreed to work with authorities and adjust its privacy policies, according to CNN.

 

Telegram’s privacy made the app one of the most popular messaging apps in the world. The app is popular with activists, journalists, and other related groups because it lets them communicate privately without fear of getting identified. Client-side encryption and minimal data collection also made Telegram a must-install app for those who want to enjoy their privacy.

 

A Slip in Security Feature

 

But even though Telegram is known for privacy, a massive flaw was found in the app. A LinkedIn post by The Cyber Security Hub describes a security flaw that a user’s real IP address can be revealed.

 

To fully understand the security flaw, Telegram uses SOCKS5 and MTProto proxies to protect user identity. On its own, it’s an effective method of user protection.

 

However, a proxy link can be created to learn more about the user - specifically, the user’s real IP address. When a user clicks a proxy link, Telegram verifies that the link is valid. The key issue in this security flaw is that the validation request comes directly from the user’s device. The request will not use any proxies to hide the user’s identity.

 

With the right tool, a user could be targeted with a malicious link and their IP address revealed to the attacker.

 

Repercussions of a Leaked IP Address

 

An IP Address is a simple yet very important piece of information for every device. It’s a network identifier that allows the device to connect with the network. A device’s proximate location and other activities could be monitored using the IP Address.

 

This type of data should be secured as much as possible. Attackers can misuse an IP address to launch attacks and steal private information. Telegram’s security weaknesses may leave users vulnerable to cyberattacks.

 

Protecting this type of information is even more important for those working in sensitive agencies and organizations. For example, a leaked IP address of an activist could be used to determine their proximate location and their online activities.

 

Response to Security Flaw

 

According to Bleeping Computer, “The company said that any website or proxy operator can see the IP address of visitors and that this is not unique to Telegram compared to other messaging platforms.” Simply put, instead of fixing the flaw, Telegram argued that other platforms do the same thing.

 

However, they plan to add a warning to users about the risks of clicking these links. There is no update yet on when these warnings will be implemented.

 

For now, it is important to be vigilant when clicking on any unknown links. These links may seem appealing, but not knowing their true source can pose security risks to the device and the user’s privacy.

 

 

 
 
 

Recent Posts

See All
CIA Urges Iranians to Hide IPs in Recruitment Drive

The United States potential conflict with Iran is moving into its next chapter. Both sides are set for another round of negotiations, according to Al Jazeera , with President Trump warning of military

 
 
 

Comments

bottom of page