A serious security risk has been found in Telegram’s desktop app by the crypto security firm Certik. They discovered what is called a Remote Code Execution flaw. It opens up a way of crafting special media files, like photos or videos, to take over a user’s system.
To stay safe, it is important to stop Telegram from automatically downloading media. Here’s how to do it:
Disable auto-downloads in Telegram, open the app settings, select “Advanced,” and then turn off the auto-download feature for photos, videos and files for all chat types.
If you store cryptocurrencies or different digital assets, you should immediately take action. Hackers could use this weakness to get into your OS and, from there, they could access your crypto wallets.
After some malicious code is executed, your funds are at direct risk. Unfortunately, after some code is executed, the only way to gain back control over the system would be the usage of a backup. Any executable code might get through the media files, causing serious losses. Such files are most likely to appear in public chats related to crypto and finances.
There has been no word from Telegram about this problem yet. But it is important to know that the issue is with the Telegram desktop application, particularly on systems like Windows. On mobile devices, there are no reports about this vulnerability, due to the fact that executable code works differently on desktop operational systems and mobile.
Not fixing this vulnerability could open the door for hackers to insert malicious code that targets crypto wallets. They could send a disguised image or video which, when downloaded, could give them a way into your system. And if you are using Telegram to receive updates or share information about your crypto dealings, this could put you at greater risk.