Privacy and security are crucial in a time when digital communication predominates. Telegram stands out as one of the most well-liked and widely used platforms amid the plethora of chat apps. Over 700 million people worldwide have subscribed due to its reputation for safe, encrypted chat. But a recent disclosure by cybersecurity expert Denis Simonov, commonly known as n0a, has highlighted a worrying flaw in Telegram—one that makes it possible for someone’s IP address to be revealed during a voice chat.
IP Address Exposure: A Problem
The peer-to-peer connection that Telegram uses for voice conversations is the root of the issue. This approach is used because it can result in higher call quality and less delay. However, because the connection is made directly, it has an inherent disadvantage in that both people involved in the call must be aware of each other’s IP addresses. Telegram’s method may unintentionally reveal your IP address to your call companion, in contrast to other messaging systems where calls are routed through centralized servers.
This important problem, which has been disregarded for years, has been revealed by Simonov’s most recent disclosure. He also created a simple tool to take advantage of this flaw, making it even simpler for malicious people to learn your IP address without your knowledge.
How Exploitation Operates
The STUN (Session Traversal Utilities for NAT) protocol is used by Simonov’s tool, which is intended to help devices using Network Address Translation (NAT) determine their external IP addresses and the kind of NAT being used on their gateway. By examining network traffic using the well-known network analysis program Wireshark, he found the STUN protocol communication.
According to Simonov, “After spending a little time, I decided to automate the process of obtaining the IP of my counterpart in Telegram using the console version of Wireshark – tshark.”
This information emphasizes how urgent it is to comprehend this security hole and learn how to prevent your IP address from being disclosed during Telegram voice calls.
Privacy Protection Online
Follow these actions to protect your online privacy and stop Telegram from revealing your IP address:
- Setting up Telegram: Navigate to the settings in the Telegram app after opening it.
- Select “Privacy and Security” from the settings menu to use this feature.
- Scroll down to “Calls” in the privacy and security area to configure call settings.
- Peer-to-Peer Settings: This option is identified as “Peer-to-Peer.” Choose it.
- Choose “Never”: Go to the “Peer-to-Peer” settings and select “Never.”
Your calls will be routed through Telegram’s servers if you set “Peer-to-Peer” to “Never,” adding an extra degree of IP address security. This implies that even if your call partner is not in your contact list, your IP address will still be hidden from them.
While Telegram’s peer-to-peer connection provides better call quality, it’s important to be aware of the risks involved, such as the possibility of your IP address being revealed. The information discovered by Denis Simonov and the program he created serve as sharp reminders that maintaining online privacy requires ongoing attention. You can actively protect your online privacy and avoid the accidental disclosure of your IP address by changing your settings to route calls through Telegram’s servers.
Understanding and reducing online security risks is essential as the digital landscape continues to change. It is crucial for users to stay aware about potential vulnerabilities and take precautions to protect their personal information because a large portion of Telegram’s user base relies on the platform for secure communication.
Knowledge and awareness are our greatest allies in safeguarding the privacy and security we value in a world where technology is pervasive in our daily lives.