A team of researchers at Royal Holloway, University of London, identified crucial security vulnerabilities in Telegram, a famous messaging platform used by around 500 million across the globe. They analyzed the encryption protocols used & unveiled the flaw in its cloud chats. The app stated it found out the researchers' & fixed them in the newest update. It uses the MTProto to secure its cloud chats, like Transport Layer Security (TLS).
The study added that for 2 different chat kinds, the platform uses its MTProto record layer to offer protection based on symmetric cryptographic methods. By default, the messages are authenticated & encrypted, but the cloud chats are not end-to-end encrypted. They also explain the techniques used to attack the app's security protocol & how they succeeded.
The researchers explained in their study that they released 4 attacks on the app's security protocol & the final one broke its authentication properties. The flaws gave a competitor the chance to rearrange the messages, allowing the attackers to exploit app bots. Numerous e-bots are controlled by cloud chats.
Image source: Telegram