According to U.Today, a significant security risk has been identified in the desktop application of the popular messaging platform Telegram. The risk was discovered by crypto security firm CertiK, which found a Remote Code Execution (RCE) flaw. The flaw allows the creation of specific media files, such as photos or videos, that could potentially compromise a user's system.
To protect against this vulnerability, users are advised to disable Telegram's automatic media download feature. This can be done by accessing the app settings, selecting 'Advanced', and then turning off the auto-download feature for photos, videos, and files for all chat types.
The RCE flaw poses a particular threat to users who store cryptocurrencies or other digital assets on their systems. Hackers could exploit this weakness to gain access to the operating system and, subsequently, the user's crypto wallets. Once malicious code is executed, the user's funds are directly at risk. The only way to regain control over the system after such an event would be to restore it from a backup.
The media files carrying the executable code are most likely to appear in public chats related to crypto and finances. It's important to note that this issue is specific to the Telegram desktop application, particularly on systems like Windows. There have been no reports of this vulnerability on mobile devices, as executable code operates differently on desktop and mobile operating systems.
If left unaddressed, this vulnerability could provide an avenue for hackers to insert malicious code targeting crypto wallets. They could send a disguised image or video which, when downloaded, could give them access to the user's system. Users who rely on Telegram for updates or for sharing information about their crypto transactions are at increased risk.
As of now, Telegram has not issued any statement regarding this security risk.