If you add a hacker to your contact list and take their call, Telegram’s well-known messaging service may reveal your IP address. Security researcher Denis Simonov, commonly known as n0a, recently brought attention to the problem and created a straightforward tool to attack it.
TechCrunch independently validated the researcher’s results by adding Simonov to the contacts of a freshly made Telegram account. Following a phone call to the account, Simonov quickly gave TechCrunch the IP address of the machine hosting the experiment.
Even though experts have frequently cautioned that Telegram is not as safe as end-to-end encrypted program Signal, for example, Telegram counts 700 million users worldwide and has long positioned itself as a “secure” and “private” messaging tool. Although it has long been known that Telegram exposes your IP address to individuals in your contacts when you are oina phone conversation, iprobably,new, less tech-savvy users may not be aware of this.
“Telegram focuses on security and privacy, but in order to stay safe you need to be aware of the nuances of how the messenger’s voice calls work,” said Simonov, the founder of the cybersecurity company T.Hunter, to TechCrunch.
“An unprepared person can easily reveal his IP address to his interlocutor if he does not know about them,” stated Simonov.
According to Telegram spokeswoman Remi Vaughn, the peer-to-peer connection between callers is used by default in Telegram “for better quality and reduced latency,” which is why Telegram exposes users’ IP addresses during a call.
The drawback os that, ecause it’s a direct connection, both parties must be aware of each other’s IP address. Calls from people who are not on your contact list will be sent through Telegram’s servers, unlike other messengers, to hide that, according to Vaughn.
You must navigate to Telegram’s Settings > Privacy and Security > Calls and then choose “Never” in the Peer-to-Peer menu, as shown below, to prevent your IP address from being exposed.