Nightmare for Cryptocurrency Big Shots! Common Scam Vulnerabilities in Telegram Finally Hide Login Verification Codes

If Twitter is the most commonly used social media platform in the cryptocurrency community, then Telegram is the most commonly used messaging app. However, Telegram has been plagued by a large number of social engineering scams in which scammers abuse Telegram's verification-code login feature to steal accounts, causing significant financial losses. This vulnerability has affected many prominent figures in the cryptocurrency industry, but Telegram has recently introduced remedial measures to prevent such incidents.

Telegram Security Vulnerability! Cryptocurrency Leaders Targeted Successively

Telegram uses a login method that involves sending verification codes, which many malicious actors exploit to steal accounts.

Since Telegram allows login via phone number, it can send "login verification codes" to the phone and to devices already logged in with that phone number. Because users' phone numbers are visible by default unless privacy settings are deliberately adjusted, a user's phone number is exposed to "contacts" or even to "everyone". Telegram has advocated changing phone number privacy

The criminal methods of malicious actors are as follows:

  • Malicious actors send messages to cryptocurrency leaders' Telegram accounts, claiming that "two duplicate cryptocurrency leaders" have appeared in their contacts, and ask the cryptocurrency leader to take a screenshot of their phone screen to help identify the real one.
  • While the cryptocurrency leader takes the screenshot, the malicious actors attempt to log in using the leader's phone number. At that point, Telegram's login verification code is pushed through the official account into the cryptocurrency leader's conversation list.
  • As a result, the login verification code can be leaked through the previewable part of the conversation that appears in the screenshot.
  • If the cryptocurrency leader has not set up Two-Step Verification, malicious actors can then log out all devices logged into the cryptocurrency leader's account and successfully take over the account.

Telegram Vulnerability Chain Reaction, TON Wallet Assets Lost

Once a cryptocurrency leader is compromised, malicious actors can more easily impersonate the leader and defraud the leader's friends by repeating the same method, creating a chain reaction; they can steal data and even create new accounts.

What is frightening is that since Telegram supports the cryptocurrency project Toncoin (TON), with a built-in wallet application, when a cryptocurrency leader loses their account, they also lose the wallet permissions.

Telegram Finally Patches the Vulnerability, Login Verification Codes Hidden

Perhaps due to too many similar scams, the mysterious Telegram operations team finally made the login verification codes "invisible" in the message interface. However, in practical tests, only the mobile version hides it, while the desktop version does not.

As a result, the chances of the above method succeeding are even lower. Nonetheless, it is crucial for users to go to the settings interface and set up more protective measures to avoid falling victim.