Researchers have shared details of some Telegram vulnerabilities. They have analysed the Telegram code and discovered 13 vulnerabilities that could risk the users’ chats’ security. Attackers could spy on secret chats including both the messages and the media files.
These bugs specifically existed in the way the Telegram apps handled animated stickers in secret chats. Telegram uses Lottie-based .TGS format for the stickers and all the flaws that the researchers discovered existed in this lottie library. This way it became possible for an adversary to simply send a malicious sticker to the target recipient.