Bitcoin
Bitcoin (BTC)
$58,138.00 0.92669
Bitcoin price
Ethereum
Ethereum (ETH)
$3,130.50 0.26355
Ethereum price
BNB
BNB (BNB)
$533.32 1.07272
BNB price
Solana
Solana (SOL)
$138.75 0.29958
Solana price
XRP
XRP (XRP)
$0.4622560 4.25132
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000165 0.40132
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000089 -3.02261
Pepe price
Bonk
Bonk (BONK)
$0.0000229 -8.00263
Bonk price
Bitcoin
Bitcoin (BTC)
$58,138.00 0.92669
Bitcoin price
Ethereum
Ethereum (ETH)
$3,130.50 0.26355
Ethereum price
BNB
BNB (BNB)
$533.32 1.07272
BNB price
Solana
Solana (SOL)
$138.75 0.29958
Solana price
XRP
XRP (XRP)
$0.4622560 4.25132
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000165 0.40132
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000089 -3.02261
Pepe price
Bonk
Bonk (BONK)
$0.0000229 -8.00263
Bonk price
Bitcoin
Bitcoin (BTC)
$58,138.00 0.92669
Bitcoin price
Ethereum
Ethereum (ETH)
$3,130.50 0.26355
Ethereum price
BNB
BNB (BNB)
$533.32 1.07272
BNB price
Solana
Solana (SOL)
$138.75 0.29958
Solana price
XRP
XRP (XRP)
$0.4622560 4.25132
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000165 0.40132
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000089 -3.02261
Pepe price
Bonk
Bonk (BONK)
$0.0000229 -8.00263
Bonk price
Bitcoin
Bitcoin (BTC)
$58,138.00 0.92669
Bitcoin price
Ethereum
Ethereum (ETH)
$3,130.50 0.26355
Ethereum price
BNB
BNB (BNB)
$533.32 1.07272
BNB price
Solana
Solana (SOL)
$138.75 0.29958
Solana price
XRP
XRP (XRP)
$0.4622560 4.25132
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000165 0.40132
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000089 -3.02261
Pepe price
Bonk
Bonk (BONK)
$0.0000229 -8.00263
Bonk price

Telegram refutes CertiK’s auto-download security risk claim

telegram-certik-security-risk-claim
Edited by
News
Telegram refutes CertiK’s auto-download security risk claim

Blockchain security startup CertiK said Telegram’s desktop application poses risks to use due to a media auto-download feature, but the social network challenged such claims.

CertiK alerted the crypto community to a supposed high-risk vulnerability in images and videos sent on Telegram’s private messaging app.

Users were advised to turn off automatic download settings to mitigate attacks, but the security provider did not explain how it reached this conclusion. 

https://twitter.com/CertiKAlert/status/1777632812700713254

Telegram responds to CertiK’s claim

Shortly after CertiK’s notice on X, Telegram debunked the assertion that its over 800 million worldwide users might be compromised if they have automatic media downloads turned on. The platform added that participants had not reported cases of remote code execution (RCE) leading to crypto wallet hacks. 

We can’t confirm that such a vulnerability exists. This video is likely a hoax. Anyone can report potential vulnerabilities in our apps.

Telegram team

Expert weighs in

Following the news, crypto.news contacted Polyzoa founder Kirill Tiufanov about the possibility of an RCE attack vector highlighted by CertiK. Tiufanov, a web3 security veteran, surmised that this vulnerability seemed unlikely.

That’s quite an abstract assumption as they don’t give any tech details. Technically everyone can say don’t download unknown files as it might be risky.

Kirill Tiufanov, Polyzoa founder

While the claim remains in contention, CertiK advised users to turn off automatic media downloads to ensure maximum safety on the desktop application.

Several social media platforms allow users to download files with zero clicks, but Telegram is one of the few messaging providers enabling crypto features. The app’s design has allowed blockchain builders to integrate tools like BonkBot and wallets while maintaining security. 

Telegram does not support cryptocurrencies, but it can be used as a gateway for users and merchants to send and receive payments in digital assets.

Solutions like Binance Labs-backed Grindery have leveraged account abstraction smart contracts to unlock one-click transactions on the social media app. In addition, Telegram has opened up a revenue-sharing system for users backed by parent company The Open Network’s Toncoin, providing users with rewards for displaying ads on channels.