Attack surface: Telegram Mini Apps “Telegram Mini Apps are essentially web applications that you can run directly within the Telegram messenger interface. Mini Apps support seamless authorization, integrated crypto and fiat payments (via Google Pay and Apple Pay), tailored push notifications, and more.” This attack surface also affects web3 users because it handles crypto payments through the TON Blockchain.
Telegram fixed the flaw on March 11th, 2024. Vulnerable version: Telegram WebK 2.0.0 (486) and below Fixed version: Telegram WebK 2.0.0 (488)
Attack surface: Telegram Mini Apps “Telegram Mini Apps are essentially web applications that you can run directly within the Telegram messenger interface. Mini Apps support seamless authorization, integrated crypto and fiat payments (via Google Pay and Apple Pay), tailored push notifications, and more.” This attack surface also affects web3 users because it handles crypto payments through the TON Blockchain.
Telegram fixed the flaw on March 11th, 2024. Vulnerable version: Telegram WebK 2.0.0 (486) and below Fixed version: Telegram WebK 2.0.0 (488)
In recent times, Telegram has gained a lot of popularity because of the controversy over WhatsApp’s new privacy policy. In January 2021, Telegram was the most downloaded app worldwide and crossed 500 million monthly active users. And with so many active users on the app, people might get messages in bulk from a group or a channel that can be a little irritating. So to get rid of the same, you can mute groups, chats, and channels on Telegram just like WhatsApp. You can mute notifications for one hour, eight hours, or two days, or you can disable notifications forever.
Newly uncovered hack campaign in Telegram
The campaign, which security firm Check Point has named Rampant Kitten, comprises two main components, one for Windows and the other for Android. Rampant Kitten’s objective is to steal Telegram messages, passwords, and two-factor authentication codes sent by SMS and then also take screenshots and record sounds within earshot of an infected phone, the researchers said in a post published on Friday.
