Weekly Comments

25 September - 2 October 2018

Popular messaging applications like Telegram and WhatsApp are not void of security risks.
Popular messaging applications like Telegram and WhatsApp are not void of security risks. This week, a researcher found that Telegram leaks a user’s IP address when making phone calls over P2P using its default configuration. When using P2P to make Telegram calls, the IP address of the other person will appear in the Telegram console logs. Users can hide their IP address by changing the privacy settings under Peer-To-Peer to ‘Never’ or ‘Nobody’. Telegram has also fixed its desktop client to set Peer-To-Peer to Nobody, to hide a user’s IP address.

In addition, the OwnMe Android spyware, which appears to be still in development, has been found capable of compromising WhatsApp messages, capturing screenshots, pilfering browsing history and contact lists. OwnMe also maintains persistence in an infected device by starting up whenever the device finishes booting.

We advise users to secure their messaging applications like Telegram and WhatsApp by staying vigilant of the latest threats and configure their privacy settings to secure their messages and calls. To avoid falling prey to Android malware, we advise users to avoid downloading applications from untrusted sources as they could be malicious. We also advise users to refrain from clicking and opening links and attachments in unsolicited emails as they could be deceived into downloading malware. 

[1] Telegram Leaks IP Addresses by Default When Initiating Calls
[2] Telegram fixes IP address leak in desktop client
[3] Android Trojan reads Whatsapp-Messages

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence