0-day bug found on Telegram can be used against protesters in Hong Kong

作者:

A new vulnerability affecting Telegram messaging app has been found, which allows an attacker to identify people in a group, even if the phone number is hidden.

The bug was first reported on a discussion forum of Hong Kong protestors and eventually was picked and verified by security researchers from Hong Kong.

How does the bug work?

According to the analysis done by the researchers, including Chu Ka-Cheong, the bug works in the following way.

  • A person X joins a group on Telegram while simultaneously hiding the phone number.
  • The attacker Y, who wants to uncover the real identity of X, adds a large number of phone numbers in the phone book. Adding a massive amount of phone numbers in the phone book increases the possibility that X’s phone number will also be added.
  • Y, who is the attacker then syncs the contacts in Telegram.
  • After syncing the contacts, the attacker Y, then joins the Telegram group where he can clearly see the phone number of X.

As per the document, the attacker, by following the above procedure, can document the phone numbers of any number of members.

The process is simple, and it will not work where the space for phone numbers is large, as it decreases the probability of finding the target’s phone number. But in areas like Hong Kong, where the phone number space is less, this technique can be used to reveal the identity of the group members.

The researchers fear that the government has already begun exploiting the bugs and the protestors of Hong Kong are in danger.

Currently, the bug has been verified on iOS 12.4 and Android 9. Telegram is yet to release an official statement.

In the News: YouTube spoils Chinese propaganda party further; disables 210 channels

Kumar HemantKumar HemantKumar Hemant

Former Senior Editor at Candid.Technology. Hemant has a keen interest in social issues and international relations.

Hello There!

If you like what you read, please support our publication by sharing it with your friends, family and colleagues. We’re an ad-supported publication. So, if you’re running an Adblocker, we humbly request you to whitelist us.

You can read our Ethics Statement for more information on how our Editorial Team operates.

You can also support our Editorial Team here.


Share on facebook


Share on whatsapp


Share on twitter


Share on reddit


Share on linkedin


Share on pocket


Share on pinterest


Share on telegram


Share on stumbleupon


Share on digg


Share on tumblr


Share on email


Share on skype


Share on xing


Share on vk


Share on odnoklassniki


Share on mix

Candid.Technology Google NewsCandid.Technology Google News



Read more from Candid.Technology

HDMI vs VGA vs DVI vs Displayport: Which one to use and when?HDMI vs VGA vs DVI vs Displayport: Which one to use and when?

HDMI vs DVI vs VGA vs Displayport


Prathik

9:00 pm IST | November 24, 2019

How to unlock Android phone with a broken screen?How to unlock Android phone with a broken screen?

How to unlock your Android smartphone with a broken screen?


Aryan

7:00 am IST | April 15, 2019

How to fix Windows update error 8007000E?


Yadullah Abidi

9:00 pm IST | March 11, 2021

How to right-click with a keyboard?


Yadullah Abidi

11:00 pm IST | December 18, 2021

How to appear offline on Steam?


Yatharth Singh

9:00 pm IST | June 3, 2020

Nvidia nerfs new RTX lineup for Ethereum mining


Yadullah Abidi

9:57 pm IST | May 18, 2021

What is Browser Compartmentalisation? How does it enhance user privacy?


Nischay Khanna

9:00 pm IST | February 28, 2020

Exynos 7870 vs Snapdragon 625: Which chipset is better?Exynos 7870 vs Snapdragon 625: Which chipset is better?

Exynos 7870 vs Snapdragon 625


Akshit Kansal

8:00 pm IST | October 6, 2019

As the year is a month away from coming to the end, Google has released the list of the top apps, games, movies, books as well as fan favourites -- for the first time -- for the year of 2018. Among the fan favourites, PUBG mobile, YouTube TV and Avengers: Infinity War has achieved the top spots. Check out the entire list of the best of 2018 on Google Play store below. Top Apps on Google Play Store Drops: Learn 31 new languages (Best app of 2018). Download it here. Google Pay (Tez) - a simple and secure payment app (User's choice app of 2018). Download it here. Tik Tok (Most entertaining app of 2018). Download it here. Unfold - create stories (Best hidden gem). Download it here. Home Workout - no equipment (Best self-improvement). Download it here. Otter voice notes (Best daily helper). Download it here. Top Games on Google Play Store PUBG Mobile (Best game of 2018 and also the User's choice game of 2018). Download it here. Ludo King (Best casual game of 2018). Download it here. Battlelands Royale (Most innovative game of 2018). Download it here. Real Cricket 18 (Most competitive game of 2018). Download it here. Alto's Odyssey (Best indie game of 2018). Download it here. Top Movies on Google Play Store Following are the top-selling movies of 2018 on Google Play Store in 2018 in India: Black Panther Jumanji: Welcome to the Jungle Justice League Deadpool 2 Hichki Coco Jurassic World: Fallen Kingdom Rampage Tiger Zinda Hai Shubh Mangal Saavdhan Tomb Raider Geostorm Kingsman: The Golden Circle Star Wars: The Last Jedii Ready Player One Ocean's 8 Murder on the Orient Red Sparrow Wonder A Quiet Place Blade Runner 2049 The Shape of Water Maze Runner: The Death Cure Insidious: The Last Key Hotel Transylvania 3: A Monster Vacation Peter Rabbit Judwaa 2 The Greatest Showman Olaf's Frozen Adventure Deep Blue Sea 2 Game Night Raazi Nanak Shah Fakir Solo: A Star Wars Story Three Billboards Outside Ebbing, Missouri The Mountain Between Us The Imitation Game Ferdinand S.W.A.T: Under Siege Ant-Mn and the Wasp One Night Stand The Black Prince Tag Sniper: Ultimate Kill Downsizing The House Next Door Hamari Adhuri Kahaani Dangal Sui Dhaaga: Made in India Crazy Rich Asians Top Books on Google Play Store Following are 10 top-selling books on Google Play Store in 2018 in India: How to make money in intraday trading by Ashwani Gujral Hand on Computer Science & IT by Prof. Neelima Calling Sehmat by Harinder Sikka Will you still love me by Ravinder Singh Factfulness: Ten reasons we're wrong about the world - and why things are better than you think by Hans Rosling Unsuitable Boy by Karan Johar The Spy Chronicles: RAW, ISI and the Illusion of Peace by A.S. Dulat Fire and Fury by Michael Wolff India 2018: A reference annual by New Media Wing I too had a love story by Ravinder Singh Check out the complete list here. Top Audiobooks on Google Play Store Following are 10 top-selling audiobooks on Google Play Store in 2018 in India: Sherlock Holmes: The Collection by Arthur Conan Doyle 12 Rules for Life by Jordan B. Peterson The science of getting rich by Wallace D. Wattles The art of war by Sun Tzu Real estate investing by Mark Atwood The memoirs of Sherlock Holmes by Arthur Conan Doyle Great Expectations by Charles Dickens The Art of War (Lionel Giles translation) by Sun Tzu 10 masterpieces you have to read before you die by Lewis Carroll Leadership Wisdom from the monk who shold his ferrari by Robin Sharma Check out the complete list here.As the year is a month away from coming to the end, Google has released the list of the top apps, games, movies, books as well as fan favourites -- for the first time -- for the year of 2018. Among the fan favourites, PUBG mobile, YouTube TV and Avengers: Infinity War has achieved the top spots. Check out the entire list of the best of 2018 on Google Play store below. Top Apps on Google Play Store Drops: Learn 31 new languages (Best app of 2018). Download it here. Google Pay (Tez) - a simple and secure payment app (User's choice app of 2018). Download it here. Tik Tok (Most entertaining app of 2018). Download it here. Unfold - create stories (Best hidden gem). Download it here. Home Workout - no equipment (Best self-improvement). Download it here. Otter voice notes (Best daily helper). Download it here. Top Games on Google Play Store PUBG Mobile (Best game of 2018 and also the User's choice game of 2018). Download it here. Ludo King (Best casual game of 2018). Download it here. Battlelands Royale (Most innovative game of 2018). Download it here. Real Cricket 18 (Most competitive game of 2018). Download it here. Alto's Odyssey (Best indie game of 2018). Download it here. Top Movies on Google Play Store Following are the top-selling movies of 2018 on Google Play Store in 2018 in India: Black Panther Jumanji: Welcome to the Jungle Justice League Deadpool 2 Hichki Coco Jurassic World: Fallen Kingdom Rampage Tiger Zinda Hai Shubh Mangal Saavdhan Tomb Raider Geostorm Kingsman: The Golden Circle Star Wars: The Last Jedii Ready Player One Ocean's 8 Murder on the Orient Red Sparrow Wonder A Quiet Place Blade Runner 2049 The Shape of Water Maze Runner: The Death Cure Insidious: The Last Key Hotel Transylvania 3: A Monster Vacation Peter Rabbit Judwaa 2 The Greatest Showman Olaf's Frozen Adventure Deep Blue Sea 2 Game Night Raazi Nanak Shah Fakir Solo: A Star Wars Story Three Billboards Outside Ebbing, Missouri The Mountain Between Us The Imitation Game Ferdinand S.W.A.T: Under Siege Ant-Mn and the Wasp One Night Stand The Black Prince Tag Sniper: Ultimate Kill Downsizing The House Next Door Hamari Adhuri Kahaani Dangal Sui Dhaaga: Made in India Crazy Rich Asians Top Books on Google Play Store Following are 10 top-selling books on Google Play Store in 2018 in India: How to make money in intraday trading by Ashwani Gujral Hand on Computer Science & IT by Prof. Neelima Calling Sehmat by Harinder Sikka Will you still love me by Ravinder Singh Factfulness: Ten reasons we're wrong about the world - and why things are better than you think by Hans Rosling Unsuitable Boy by Karan Johar The Spy Chronicles: RAW, ISI and the Illusion of Peace by A.S. Dulat Fire and Fury by Michael Wolff India 2018: A reference annual by New Media Wing I too had a love story by Ravinder Singh Check out the complete list here. Top Audiobooks on Google Play Store Following are 10 top-selling audiobooks on Google Play Store in 2018 in India: Sherlock Holmes: The Collection by Arthur Conan Doyle 12 Rules for Life by Jordan B. Peterson The science of getting rich by Wallace D. Wattles The art of war by Sun Tzu Real estate investing by Mark Atwood The memoirs of Sherlock Holmes by Arthur Conan Doyle Great Expectations by Charles Dickens The Art of War (Lionel Giles translation) by Sun Tzu 10 masterpieces you have to read before you die by Lewis Carroll Leadership Wisdom from the monk who shold his ferrari by Robin Sharma Check out the complete list here.

Top 6 apps, games and more on Google Play in 2018


Editorial Team

10:35 pm IST | December 3, 2018


More

No more posts to show


Ten articles before and after

Top 7 Telegram channels and groups for cryptocurrency

Top 11 Telegram bots that every user must check out

How to delete your Telegram account? In 6 easy steps

How to join a Telegram Group or Channel? | Telegram Tips

How to create a Telegram group? Public vs Private groups

8 new features coming to Telegram including Silent Messaging, Slow Mode

Telegram X vs Telegram: What's different? Should you use Telegram X?

Top 7 Telegram channels for UPSC preparation that aspirants must follow

Australian law gives power to cops to spy on citizens WhatsApp, Telegram

10 cool Telegram Messenger app tricks and tips you must know