Telegram Proxy Link Vulnerability Exposes User IP Addresses
Security researchers have uncovered a critical flaw in Telegram’s proxy link handling that can inadvertently reveal users’ real IP addresses. The vulnerability arises when users interact with Telegram usernames or specific proxy-related links, undermining the anonymity these proxies are designed to provide.
Proxy links are intended to mask IP addresses, but the discovered flaw allows attackers to extract a user’s actual IP through seemingly routine actions such as clicking a username or engaging with certain links. This poses a significant privacy risk, enabling malicious actors to track user activity or compromise personal data.
In response, Telegram has announced plans to implement enhanced security measures, including explicit warnings for users interacting with proxy links. These alerts will notify users of potential IP exposure risks, while broader initiatives such as user education campaigns and improved proxy link management aim to strengthen privacy protections.
The platform has reaffirmed its commitment to security, emphasizing ongoing efforts to address emerging threats and reinforce user trust. The updates are expected to roll out as part of Telegram’s broader strategy to mitigate risks and enhance privacy safeguards.
Telegram TPRM report: https://www.rankiteo.com/company/telegram-messenger
"id": "tel1768307431",
"linkid": "telegram-messenger",
"type": "Vulnerability",
"date": "1/2026",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Telegram users interacting with '
'proxy links or usernames',
'industry': 'Technology/Communications',
'name': 'Telegram',
'type': 'Messaging Platform'}],
'attack_vector': 'Proxy Link Interaction',
'customer_advisories': 'Users advised to exercise caution when interacting '
'with proxy links or usernames',
'data_breach': {'personally_identifiable_information': 'IP addresses',
'sensitivity_of_data': 'High (privacy risk)',
'type_of_data_compromised': 'IP addresses'},
'description': "Security researchers discovered a flaw in Telegram's proxy "
"link handling that inadvertently exposes users' real IP "
'addresses when interacting with Telegram usernames or '
'specific proxy-related links. This vulnerability undermines '
'the anonymity provided by proxy links, posing a risk to user '
'privacy.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'privacy concerns',
'data_compromised': 'User IP addresses',
'identity_theft_risk': 'Increased risk of user tracking and '
'privacy compromise',
'systems_affected': 'Telegram messaging platform'},
'lessons_learned': 'Proxy link handling must be rigorously tested to prevent '
'unintended information disclosure. User awareness is '
'critical in mitigating privacy risks.',
'post_incident_analysis': {'corrective_actions': 'Enhanced warnings, user '
'education, and improved '
'proxy link management',
'root_causes': "Flaw in Telegram's proxy link "
'handling mechanism'},
'recommendations': ['Implement explicit warnings for proxy link interactions',
'Conduct user education campaigns on safe online '
'practices',
'Continuously evaluate and improve proxy link management '
'for security'],
'references': [{'source': 'Security Research'}],
'response': {'communication_strategy': 'Public disclosure of vulnerability '
'and planned security enhancements',
'containment_measures': 'Enhanced warnings for proxy link '
'interactions',
'remediation_measures': 'User education campaigns and ongoing '
'evaluation of proxy link management'},
'title': 'Telegram Proxy Links Vulnerability Exposing User IP Addresses',
'type': 'Information Disclosure',
'vulnerability_exploited': 'Flaw in proxy link handling'}