A feature that allows Telegram users to see who’s nearby can be misused to pinpoint your exact distance to other users – by spoofing one’s latitude and longitude.
According to bug-hunter Ahmed Hassan, the “People Nearby” feature could allow an attacker to triangulate the location of unsuspecting Telegram users. The feature is disabled by default, but as Hassan pointed out, “Users who enable this feature are not aware they are basically publishing their precise location.”
The feature lists exactly how far people are from one’s location (1.3 miles and so on). This isn’t an issue as long as that number remains a radius. But it’s possible to spoof one’s location for three different points, and then use the resulting three distances to precisely pinpoint where a target is, the researcher found.
Read more…
Source: ThreatPost