1. BITBILIHome
  2. Article

Messaging giant Telegram’s security breach exposes Mac users’ cameras

131 views

TL;DR Breakdown

  • Telegram downplayed the seriousness of an exploit that allowed researchers to access the camera systems of Apple macOS devices.
  • By injecting a dynamic library into a user’s system, the exploit could grant access to the device’s camera and enable the recording and saving of the files.
  • The introduction of blockchain-based anonymous numbers as a feature in Telegram further showcases the platform’s efforts to enhance user privacy. 

Messaging application Telegram downplayed the seriousness of an exploit that allowed researchers to access the camera systems of Apple macOS devices. The exploit was flagged by software engineer Dan Revah, who detailed the method in a blog post. By injecting a dynamic library into a user’s system, the exploit could grant access to the device’s camera and enable the recording and saving of the files. Revah also claimed that the exploit could bypass the terminal’s sandbox using a launch agent and gain additional system privileges. 

However, the spokesperson Remi Vaughn stated that Telegram users are not at risk by default, as the exploit requires malware to be installed on their systems. Vaughn attributed the issue to Apple’s permission security and the possibility of bypassing the sandbox restrictions meant to prevent abuse of third-party apps. The application made changes to address the exploit, and the updated version received approval from the Apple App Store. Users who downloaded Telegram directly from the app’s website were not affected. 

Telegram addresses the exploit

In a separate update, Telegram introduced a feature in December 2022 that allows users to create accounts using blockchain-based anonymous numbers to enhance privacy and security. This feature requires users to purchase blockchain-powered anonymous numbers from the decentralized auction platform Fragment. The usernames and anonymous numbers obtained from the platform are only compatible with Telegram. Telegram founder Pavel Durov also indicated in November 2022 that the platform would develop decentralized tools and services following the collapse of the FTX cryptocurrency exchange owned by Sam Bankman-Fried.

Additionally, the discovery of the exploit in Telegram highlights the ongoing challenge of balancing user privacy and security with the potential risks posed by vulnerabilities in software systems. While Telegram emphasized that its users were not at risk by default, the incident raises concerns about the overall security of messaging applications and the ability of attackers to exploit weaknesses in the underlying operating systems.

The response from Telegram, in addressing the exploit and working to make necessary changes, reflects the company’s commitment to maintaining the privacy and security of its users. By promptly implementing updates and obtaining approval from the Apple App Store, Telegram demonstrated its dedication to addressing potential vulnerabilities and protecting its user base.

The introduction of blockchain-based anonymous numbers as a feature in Telegram further showcases the platform’s efforts to enhance user privacy. By leveraging decentralized technology, Telegram aims to provide users with more control over their personal information and communication. This aligns with the growing trend of integrating blockchain and decentralized solutions to address concerns regarding data privacy and security.

As for Apple, the response from the company regarding the exploit is awaited. Given the gravity of the issue, it is likely that Apple will investigate the matter and take appropriate measures to address any vulnerabilities in its macOS operating system that may have enabled the exploit.

Overall, the incident serves as a reminder of the importance of regularly updating software, maintaining strong security measures, and being vigilant against potential vulnerabilities that could be exploited by malicious actors. It highlights the ongoing cat-and-mouse game between cybersecurity researchers and attackers, with companies like Telegram working to stay one step ahead to protect their users’ privacy and security.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Messaging giant Telegram’s security breach exposes Mac users’ cameras

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年5月18日 16:08
Next 2023年5月18日 17:01

Related articles

  • Argentina officially launches its first bitcoin futures contract

    TL;DR Breakdown Argentina launches its first regulated bitcoin futures contract, providing qualified investors with exposure to cryptocurrency in a regulated manner. The contract is based on a bitcoin index powered by Matba Rofex, the Argentinian stock exchange, and was authorized by the National Securities Commission (CNV). The move aims to promote the development of innovative products within the regulated entities of the capital market and marks the CNV’s first approval of a crypto product. Description Argentina has officially introduced its first bitcoin futures contract based on a bitcoin index, providing qualified investors with regulated exposure to the cryptocurrency. It is important to know that the contract, published by Matba Rofex, the Argentinian stock exchange, received authorization from the country’s National Securities Commission (CNV) back in April. This marks the CNV’s … Read more Argentina has officially introduced its first bitcoin futures contract based on a bitcoin index, providing qualified investors with regulated exposure to the cryptocurrency. It is important to know that the contract, published by Matba Rofex, the Argentinian stock exchange, received authorization from the country’s National Securities Commission…

    Article 2023年7月14日

  • CZ’s bold forecast: DeFi set to surpass CeFi in prominence, says Binance CEO

    TL;DR Breakdown Binance CEO CZ predicts DeFi will surpass CeFi in prominence within six years. DeFi’s growth is driven by increasing user adoption and direct interactions with blockchain networks. CZ highlights the importance of DeFi in providing financial access to those excluded from traditional banking services. Description Binance CEO Changpeng ‘CZ’ Zhao has boldly predicted that decentralized finance (DeFi) will surpass centralized finance (CeFi) in prominence within the next six years. Celebrating the exchange’s sixth anniversary, Zhao emphasized that the increasing usage of DeFi products and direct interactions with blockchain networks will accelerate DeFi activities. DeFi can provide financial access to individuals … Read more Binance CEO Changpeng ‘CZ’ Zhao has boldly predicted that decentralized finance (DeFi) will surpass centralized finance (CeFi) in prominence within the next six years. Celebrating the exchange’s sixth anniversary, Zhao emphasized that the increasing usage of DeFi products and direct interactions with blockchain networks will accelerate DeFi activities. DeFi can provide financial access to individuals currently excluded from traditional financial institutions such as banks. Highlighting the recent surge in institutional interest in cryptocurrencies, Zhao asserted…

    Article 2023年7月16日

  • DFintoch exit scam: investors robbed of millions in shocking cryptocurrency deception

    TL;DR Breakdown DFintoch, a high-yield investment program (HYIP), is suspected of orchestrating an exit scam. DFintoch had falsely claimed to be owned by Morgan Stanley, a renowned financial institution, to attract investors. The Singapore Government and Morgan Stanley had previously issued advisories cautioning against investing in DFintoch, highlighting its fraudulent nature. In a stunning turn of events, the team behind the high-yield investment program (HYIP) known as DFintoch is suspected of orchestrating an exit scam, leaving investors dismayed and questioning the project’s legitimacy. The alleged scam involved a disappearance of approximately $31.6 million USDT on the Binance Smart Chain (BSC) after funds were transferred to multiple addresses on Tron and Ethereum, ultimately rendering investors unable to withdraw their money. News of the potential scam began circulating when prominent cryptocurrency commentator ZachXBT took to Twitter to raise the alarm. The tweet suggested that DFintoch, which touted a daily return on investment (ROI) of 1%, had abruptly ceased operations and vanished with substantial investors’ funds. It appears the team behind the ponzi @DFintoch has likely exit scammed with 31.6m USDT on BSC…

    Article 2023年5月26日

  • Tether uses Bitcoin to strengthen its reserves

    TL;DR Breakdown Tether International Limited has announced a new investment strategy where it will use up to 15% of its net realized operating profits to purchase Bitcoin regularly. The Bitcoin purchase initiative aims to strengthen, diversify, and amplify Tether’s reserves, enhancing transparency about the company’s performance and capital allocation strategy. Unlike other institutional investors, Tether maintains possession of the private keys for all its Bitcoin holdings, demonstrating a strong commitment to security. In a bold move that marks a significant strategy shift, Tether International Limited, the organization behind the pioneer and most popular stablecoin, has declared its new investment plan. The strategy entails strengthening its reserves portfolio through periodic Bitcoin (BTC) purchases, using up to 15% of its net realized operating profits, according to the company’s recent announcement. Tether’s investment strategy The company’s recent endeavors to purchase Bitcoin are part of an initiative aimed at amplifying, diversifying, and fortifying its reserves. By doing so, Tether aims to enhance transparency, providing a more precise portrayal of its financial performance and capital allocation strategy. The company stated that it would concentrate solely…

    Article 2023年5月18日

  • Regulators target South Korean crypto lender Delio

    TL;DR Breakdown South Korea’s Financial Services Commission is investigating cryptocurrency lender Delio for allegations of fraud, embezzlement, and breach of trust, following the suspension of its transactions. The investigation includes securing Delio’s financial data, conducting on-site inspections, and evaluating potential lawsuits from victims against the company’s management. This comes as part of a larger effort by South Korea’s government to safeguard cryptocurrency investors, with the recent passage of the Virtual Asset User Protection legislation. Description The storm clouds are gathering over Delio, the prominent South Korean cryptocurrency lending platform. In the wake of the company suspending deposits and withdrawals on June 14, the nation’s Financial Services Commission (FSC) is now launching a thorough investigation into serious allegations including fraud, embezzlement, and breach of trust involving the platform. The regulators move … Read more The storm clouds are gathering over Delio, the prominent South Korean cryptocurrency lending platform. In the wake of the company suspending deposits and withdrawals on June 14, the nation’s Financial Services Commission (FSC) is now launching a thorough investigation into serious allegations including fraud, embezzlement, and breach…

    Article 2023年7月3日
TOP