Telegram mobile clients proxy-link IP disclosure security flaw
Vulnerability
Summary
Hide ▲
Show ▼
Researchers demonstrated that Telegram mobile clients on Android and iOS can leak a user's real IP address when a disguised proxy link is tapped. The clients automatically perform a proxy test connection before the proxy is added, creating a path for targeted deanonymization. Telegram says it will add warnings for proxy links, but the exposure is still triggered by a single click.
Related Happenings
India's Ministry of Electronics and Information Technology NEET-UG 2026 Delhi High Court Warned Telegram and imposed a nationwide block for June 18 affidavit block ahead of the
Public Sector Action
H score27
First: 18.06.2026 15:18
Last: 18.06.2026 15:18
Sources 1
About this happening:
**India's government** warned **Telegram** and imposed a **nationwide block** tied to alleged **NEET-UG 2026** exam-paper leaks, restricting access to the platform and leak-relate...
India's Ministry of Electronics and Information Technology NEET-UG 2026 Delhi High Court Warned Telegram and imposed a nationwide block for June 18 affidavit block ahead of the
Public Sector ActionAbout this happening: **India's government** warned **Telegram** and imposed a **nationwide block** tied to alleged **NEET-UG 2026** exam-paper leaks, restricting access to the platform and leak-relate...
Telegram access disruption from AS18101 route spillover
Service Disruption
H score62
First: 17.06.2026 16:12
Last: 17.06.2026 16:12
Sources 1
About this happening:
**Telegram** access was disrupted outside **India** after **AS18101 / Reliance Communications** announced Telegram prefixes, spilling a domestic block into the **UAE** and other r...
Telegram access disruption from AS18101 route spillover
Service DisruptionAbout this happening: **Telegram** access was disrupted outside **India** after **AS18101 / Reliance Communications** announced Telegram prefixes, spilling a domestic block into the **UAE** and other r...
Roskomnadzor blocks WhatsApp in Russia
Public Sector Action
H score30
First: 13.02.2026 00:57
Last: 13.02.2026 00:57
Sources 1
About this happening:
**Roskomnadzor** is trying to **block WhatsApp** in **Russia**, escalating restrictions on communication platforms and limiting access for users who rely on the service. The move...
Roskomnadzor blocks WhatsApp in Russia
Public Sector ActionAbout this happening: **Roskomnadzor** is trying to **block WhatsApp** in **Russia**, escalating restrictions on communication platforms and limiting access for users who rely on the service. The move...
Telegram proxy-link warning rollout
Advisory/Mitigation
H score21
First: 12.01.2026 18:20
Last: 12.01.2026 18:20
Sources 1
How related:
That said, we're adding a warning that will show when clicking proxy links so users can be more aware of disguised links.
About this happening:
**Telegram** is adding a **warning for proxy links** after clicks on disguised links were shown to expose users' **real IP addresses**. The mitigation targets **Android and iOS**...
Telegram proxy-link warning rollout
Advisory/MitigationHow related: That said, we're adding a warning that will show when clicking proxy links so users can be more aware of disguised links.
About this happening: **Telegram** is adding a **warning for proxy links** after clicks on disguised links were shown to expose users' **real IP addresses**. The mitigation targets **Android and iOS**...
AI-assisted Truman Show investment fraud campaign
Campaign
H score33
First: 09.01.2026 13:00
Last: 09.01.2026 13:00
Sources 1
About this happening:
The **Truman Show** operation is an **AI-assisted investment fraud campaign** that uses **fake personas** and **attacker-controlled infrastructure** to lure victims into crypto sc...
AI-assisted Truman Show investment fraud campaign
CampaignAbout this happening: The **Truman Show** operation is an **AI-assisted investment fraud campaign** that uses **fake personas** and **attacker-controlled infrastructure** to lure victims into crypto sc...
Timeline
-
12.01.2026 18:20 2 articles · 5mo ago
Telegram proxy links expose real IPs and prompt warning plan
Initial DisclosureResearchers demonstrated that Telegram clients on Android and iOS automatically attempt a proxy connection when a user taps a disguised internal link, allowing the proxy operator to log the user's real IP address before any proxy is added. The issue was surfaced through the Russian-language Telegram channel chekist42, widened by GangExposed RU, and further demonstrated by 0x6rss with a video PoC, after which Telegram said it will add warnings when users click proxy links.
Show sources
- Hidden Telegram proxy links can reveal your IP address in one click — www.bleepingcomputer.com — 12.01.2026 18:20
- Hidden Telegram proxy links can reveal your IP address in one click — www.bleepingcomputer.com — 12.01.2026 18:20