Telegram Proxy Links Expose User IP Addresses on Click
Summary
Hide ▲
Show ▼
Telegram clients on Android and iOS automatically connect to proxy servers when users click specially crafted links, exposing their real IP addresses. Attackers can exploit this behavior to deanonymize users by disguising malicious proxy links as harmless usernames or URLs. Telegram will add warnings to proxy links to mitigate the risk. The issue was demonstrated by researchers who showed that clicking a disguised proxy link triggers an automatic connection to the attacker-controlled server, revealing the user's IP address. This can lead to location tracking, denial-of-service attacks, or other targeted abuse. Telegram downplays the issue but acknowledges the risk and plans to implement warnings for proxy links.
Timeline
-
12.01.2026 18:20 1 articles · 23h ago
Telegram to Add Warnings to Proxy Links After IP Exposure Flaw Demonstrated
Researchers showed that Telegram clients on Android and iOS automatically connect to proxy servers when users click specially crafted links, exposing their real IP addresses. Telegram will add warnings to proxy links to alert users about the potential risk of clicking disguised links.
Show sources
- Hidden Telegram proxy links can reveal your IP address in one click — www.bleepingcomputer.com — 12.01.2026 18:20
Information Snippets
-
Telegram clients on Android and iOS automatically attempt to connect to a proxy when a user taps a specially crafted internal link.
First reported: 12.01.2026 18:201 source, 1 articleShow sources
- Hidden Telegram proxy links can reveal your IP address in one click — www.bleepingcomputer.com — 12.01.2026 18:20
-
Proxy links can be disguised as ordinary usernames or website URLs, leading users to unintentionally reveal their real IP address.
First reported: 12.01.2026 18:201 source, 1 articleShow sources
- Hidden Telegram proxy links can reveal your IP address in one click — www.bleepingcomputer.com — 12.01.2026 18:20
-
The automatic connection to the proxy server allows attackers to log the user's IP address, enabling location tracking and targeted attacks.
First reported: 12.01.2026 18:201 source, 1 articleShow sources
- Hidden Telegram proxy links can reveal your IP address in one click — www.bleepingcomputer.com — 12.01.2026 18:20
-
Telegram will add warnings to proxy links to alert users about the potential risk of clicking disguised links.
First reported: 12.01.2026 18:201 source, 1 articleShow sources
- Hidden Telegram proxy links can reveal your IP address in one click — www.bleepingcomputer.com — 12.01.2026 18:20