They discover a failure in Telegram

The application impregnable doesn't seem so impregnable after all. Or at least its service through other unofficial applications, as discovered by a Spanish researcher. Thus, a bug has been discovered in the messaging application Telegram that could jeopardize the privacyof some users. However, don't be completely alarmed just yet, since the problem seems to only affect unofficial customers, maintaining the security you boast about in the official apps for Android and iPhone available.

The information comes from the blog of the National Institute of Communication Technologies, where the security expert Jesús Díaz publishes an article explaining the possible failure of the messaging system. A vulnerability that would allow a third person to enter between the server and the receiver to capture their information Specifically, the tests ensure the possibility of knowing the information on messages that are not sent through the famous secret chats, block other messages,modify the sender and content of these before they reach the real user, start new conversations without permission , get the user's contact list or even open and accept secret chats. More reasons enough to destroy all the raisons d'être of this application.

To do this, Díaz has used a technique known as Man In The Middle (man in the middle), which allows him to sneak into the section between the server of Telegram and the receiving user. Something that it has achieved thanks to another of the features that Telegram praises from its website: its opening And the fact is that the service offers its application creation tools (API) and its code openly, so that any user can use them at any time to create your own application in a comfortable and simple way. An issue that, in this case, can be used to create an application with a trick to get to an intermediate point where it goes unnoticed by the end user and the service to transform or obtain information

Apparently, this security expert has already contacted those responsible for Telegram to inform them of this possible security breach. However, according to Díaz, the company has responded by reporting the impossibility of offering the same type of security in unofficial applications or clients created with some type of vulnerability . In other words, it does not respond to possible failures that have applications that are not theirs or those that have been verified by them

Therefore, although the vulnerability can be exploited in unofficial applications of Telegram, it seems that the ones that are are still that impregnable bastion they claim. So much so that they continue to offer a $200,000 prize for those who find any kind of problem, even though it seems like it has to be in these official tools.There is no need to fear, at least for the moment, that the conversations of Telegram will be read by third parties, especially if secret chats are used, which offer even more security.