If you use Telegram Desktop on same system as your wallets, be cautious
app by the crypto security firm Certik. They discovered what is called a Remote Code Execution flaw. It opens up a way of crafting special media files, like photos or videos, to take over a user's system.To stay safe, it is important to stop Telegram from automatically downloading media. Here's how to do it:
Disable auto-downloads in Telegram, open the app settings, select"Advanced," and then turn off the auto-download feature for photos, videos and files for all chat types.Possible RCE was detected in Telegram's media processing in Telegram Desktop application.If you store cryptocurrencies or different digital assets, you should immediately take action. Hackers could use this weakness to get into your OS and, from there, they could access your crypto wallets.
After some malicious code is executed, your funds are at direct risk. Unfortunately, after some code is executed, the only way to gain back control over the system would be the usage of a backup. Any executable code might get through the media files, causing serious losses. Such files are most likely to appear in public chats related to crypto and finances.There has been no word from Telegram about this problem yet.
Not fixing this vulnerability could open the door for hackers to insert malicious code that targets crypto wallets. They could send a disguised image or video which, when downloaded, could give them a way into your system. And if you are using Telegram to receive updates or share information about your crypto dealings, this could put you at greater risk.Arman strongly believes that cryptocurrencies and the blockchain will be of constant use in the future.
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
‘High-risk’ Telegram vulnerability exposes users to attacks — CertiKCertiK discovered a “high-risk vulnerability” on Telegram app, which potentially allows hackers to deploy a remote code execution attack.
Read more »
Critical Vulnerability in ParaSwap Contract Leads to Funds Being DrainedThe ParaSwap AugustusV6 contract, which momentarily went live on March 18, contained a critical vulnerability that allowed hackers to drain funds from users who approved the upgrade. After a three-day voting period, 96.81% of ParaSwap voters agreed with the DAO’s proposed method of compensating users. The Paraswap community voted to refund victims using DAO treasury funds.
Read more »
Researchers Expose Vulnerability in Tesla Cars Through Social Engineering AttackSecurity researchers at Mysk have discovered a social engineering attack that exploits a vulnerability in Tesla's fleet of cars. By tricking users who connect to the free wireless internet at Tesla's Supercharging and Service stations, attackers can obtain the necessary details to create a key for the vehicles.
Read more »
Researchers identify gene involved in neuronal vulnerability in Alzheimer's diseaseEarly stages of neurodegenerative disorders are characterized by the accumulation of proteins in discrete populations of brain cells and degeneration of these cells. For most diseases, this selective vulnerability pattern is unexplained, yet it could yield major insight into pathological mechanisms.
Read more »
Working Beyond the 9–5 Leads to Health 'Vulnerability' Later in LifeWen-Jui Han, from New York University, analysed data from more than 7,000 people in the United States to see how their work affected their sleep and health.
Read more »
ParaSwap evades hack targeting Augustus v6 contract vulnerabilityParaSwap paused the v6 API soon after discovering the vulnerability and secured the potential victims’ funds through a white hack. Plans to reimburse potential victims are underway.
Read more »