Are Telegram Bots Dangerous?



Are Telegram bots dangerous,Telegram bot,telegram fraud
Photo Credit: iStock Photo

TELEGRAM, The Secure Messaging App is Important for Two Different Reasons. The app is a go-to encrypted communication tool for hundreds of millions of users worldwide, particularly those wishing to reduce government surveillance and restrictions in countries such as Russia and Iran. 

The other issue is that several cryptography experts have challenged Telegram's encryption scheme's integrity. Recent research from web security firm Force point to Telegram's bot use has implications for both Telegram users and detractors.


Telegram bots are small programs that may be embedded in Telegram chats or public channels to execute certain tasks. They may provide customized keyboards, create cat memes on demand, and even collect money and serve as a digital bookstore. 

Telegram bots are popular because they are fun and convenient, and Telegram has enabled them since 2015. They are simply automated Telegram accounts that you can add to conversations and channels much like a buddy. But, when studying the bot platform, Forcepoint discovered that the functionality does not employ the encryption technique used by Telegram to safeguard its chats. As a result, introducing a bot into a chat or channel adversely affects its security.


As a result, introducing a bot to a chat or channel reduces its security and makes it simpler for a third party to intercept communications.

"This is something that affects you if you operate a bot or are in a channel with bots," explains Luke Somerville, Forcepoint's chief of special investigations. "To be honest, we were startled when we discovered that bot security is so different from how conventional messaging works."


Telegram bots, in particular, do not employ MTProto, Telegram's encryption protocol, which provides a framework in which users' communications to one another are jumbled and unreadable while in transit between a sender's and recipient's devices.


While academics have expressed various concerns about MTProto over the years, Telegram insists that it is safe; if you trust Telegram with your encrypted conversations, you are trusting MTProto.

Telegram's bot platform, on the other hand, is built on the transport layer security protocol, which is used in HTTPS web encryption. TLS is wonderful for a lot of things, but it isn't strong enough to be the only encryption in a secure communication service designed to give advanced security.

 As a result, programs such as Signal and WhatsApp utilize the Signal Protocol, whereas Telegram has MTProto. However, by developing its bot platform without MTProto, Telegram creates a situation in which bringing a bot to a chat or channel effectively degrades the experience.


The finding was made in an unexpected method by Forcepoint. Security researchers have previously discovered Telegram bots can command and manage malicious Android applications and even exfiltrate data from Telegram chats using the Telegram bot API. 

Because of their tight integration with the app, bots are a popular piece in attack methods. While investigating one such malware operation, Forcepoint revealed that Telegram chats with bots have lower security.


The researchers examined a sample of GoodSender remote management malware and discovered a mechanism within the code that awaited orders from a Telegram bot. The virus had two pieces of Telegram identity and authentication information, known as the bot API token and Chat ID, which are used to guide bot inquiries to the appropriate conversations. Armed with this information, the researchers realized they could create API queries that would effectively replay all conversations between the virus creator and his bot.


The researchers were able to examine how the hacker set up, tested, and finally began spreading the malware because he made the error of performing all of his testing and deployment in one bot setup (rather than masking his traces by utilizing numerous accounts).

While the Forcepoint researchers utilized the Telegram API to eavesdrop on the hacker's bot messages as part of their well-intentioned protection study, they highlight that someone else might use the same approach for evil and look back at an entire discussion in which a bot is present. 

Even if a user does not have the bot API token and Chat ID from a malware sample, they may be able to extract them in other methods. Both pieces of information are included in every Telegram message so that bots may determine which data or service to provide to which conversation.

The thought that a secure messaging service's own functionality might degrade its encryption technique without alerting the user is troubling.

"You may set up your own burner Telegram account and instruct the bot to send these communications to you,"It's a straightforward procedure, and you can forward all of the bot's messages in that channel." You will be able to view all of their communications."


Forcepoint has contacted Telegram about the results but has declined to comment on its discussions with the business. "The fact that bot traffic is routed through HTTPS is not something to be 'discovered'—it's a documented characteristic of the system," said Markus Ra, Telegram's head of support, in a statement.


"This is a common practice in the industry. It should be noted that Telegram bots only receive messages that are explicitly intended for them by default." Telegram further claims that obtaining the bot API token and Chat ID is equivalent to stealing someone's account password—at that point, an attacker would have full access regardless. The firm could not explain why bot conversations are only protected using HTTPS rather than MTProto.

Taking advantage of the less secure Telegram chats and channels with bots would still necessitate an attacker being able to decode HTTPS Telegram communications.


To keep your Telegram conversations, secure, avoid using bots in your chats and be alert when you're in chats or channels that use them. To make communications really private, limit the number of participants in a conversation as low as possible. Many cryptographers and security professionals, including White, believe that the safest approach to utilize Telegram is to avoid it entirely.


They question if Telegram is completely end-to-end encrypted (a feature that isn't enabled by default) and are concerned that the proprietary MTProto protocol would be impossible to fully test. However, the security disparities between conversations that involve bots and chats that do not are significant for the app's 200 million users.



WhatsApp New Features update 2021. WhatsApp Added Multi-Device Support Feature

Top 12 Best Football Movies on Netflix. Check out list of Good Sports Movies on Netflix
Elon Musk: Interesting Facts You Should Know
8 Most Expensive Foods in the World





Post a Comment

Post a Comment (0)