Telegram dimisses claim of a flaw in its secure messaging application
Telegram, a messaging application that markets itself as a secure communication tool, doesn’t handle encrypted conversations securely, according to the founder of a mobile security company.
Zuk Avraham of Zimperium wrote in a blog post Monday that he found several weak points that allowed him to recover plain text messages.
Avraham didn’t try to directly crack messages encrypted by Telegram, which is backed by Pavel Durov, founder of the popular Russian social networking site Vkontakte. Instead, Avraham focused on an alternative attack using a kernel exploit to gain root access on an Android device and then looking at how Telegram handled messages in memory.