According to U.Today, Telegram's official representative has refuted recent reports of a critical vulnerability within the Telegram Messenger desktop app. The company stated that they could not confirm the existence of the vulnerability mentioned in the warning issued by crypto security firm Certik. The viral video, which the news was based on, was described as a hoax by the company. The video's creators failed to provide any verifiable information that could replicate the alleged security flaw, leaving no definitive way to confirm the vulnerability's existence.
Previously, Certik reported a serious security risk in Telegram's desktop app, identifying a Remote Code Execution flaw. This flaw supposedly allowed the creation of special media files, such as photos or videos, that could potentially compromise a user's system. However, there was no actual confirmation of this vulnerability. As a precaution, users were advised to disable auto-downloads in Telegram and turn off the auto-download feature for photos, videos, and files for all chat types.
If the threat had been real, malicious code could have been executed, putting funds at direct risk. Initial reports suggested that any executable code could infiltrate through media files, potentially causing significant losses. However, Telegram has confirmed that no such danger exists, ensuring the safety of users' funds and wallets on systems with the Telegram desktop app.
On mobile devices, there were no reports of this vulnerability, as executable code operates differently on desktop operating systems and mobile. If the vulnerability had been real, hackers could have sent a disguised image or video which, when downloaded, could have provided them access to users' systems. However, Telegram has assured users that all its systems are safe and can continue to be used without concern.