cybersecurity

Accepting a call from contacts on Telegram can lead to IP address leak

Gelo Gonzales

This is AI generated summarization, which may have errors. For context, always refer to the full article.

Accepting a call from contacts on Telegram can lead to IP address leak
Telegram users should be careful when adding contacts, and should adjust default call settings for added security

MANILA, Philippines – A TechCrunch report confirmed that one’s IP address can leak via an exploit found on messaging app Telegram.

Just by simply accepting a voice call from a contact with know-how of the exploit, a user’s IP address – a unique string of numbers serving as identifier, assigned to devices connected to the internet – can be stolen.

The tech site confirmed the findings of security researcher Denis Simonov, who was able to obtain the IP address of a test device used by TechCrunch to simulate the exploit. 

A leaked IP address holds some danger. As cybersecurity firm Kaspersky points out, “A sophisticated hacker or cyber criminal may be able to discover your approximate location or even your actual physical address using your IP address.” 

“Typically, this information isn’t available to just anyone – in fact, you normally need a court order to receive it. But someone utilizing advanced IP lookup tools may be able to obtain a physical address illegally.” 

Other online activities such as internet searches may also be seen by unwanted parties. VPN provider NordVPN also warns that a stolen IP address could open up a user to DDoS attacks, being framed for illegal online activities, and phishing incidents. 

Since the exploit requires that the hacker must be added to one’s Telegram contact list, users should be extremely careful on who they add on the popular messaging app. 

TechCrunch explains that this isn’t the first time that such an exploit on Telegram has been found

In Telegram’s explanation, however, that the exploit is rooted in one of the methods by which the app enables calls. By default, the app uses a peer-to-peer connection “for better quality and reduced latency,” Telegram spokesperson Remi Vaughn told TechCrunch.

As the site shows, this option can be turned off by going to settings, ang going to Privacy and Security, and then Calls, and then selecting “Never” in the Peer-to-Peer menu. 

Telegram shows a message, explaining the settings: “Disabling peer-to-peer will relay all calls through Telegram servers to avoid revealing your IP address but may decrease audio and video quality.” 

For trusted contacts, there’s also a setting that allows users to add exceptions, letting them use peer-to-peer for better quality. – Rappler.com

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Summarize this article with AI
Download the Rappler App!
Clothing, Apparel, Person

author

Gelo Gonzales

Gelo Gonzales is Rappler’s technology editor. He covers consumer electronics, social media, emerging tech, and video games.