The Telegram app for macOS contains a vulnerability that could allow an attacker to gain access to a computer's webcam and microphone, Google engineer Dan Revah has discovered.
The vulnerability in the Telegram client for macOS was discovered back in February, and the platform's administration was notified about it at the same time. However, the Telegram administration did not react to the report, and Revah decided to publicize his discovery widely.
The vulnerability arises because a third-party dynamic library (dylib) can be loaded into Telegram. As a result, the application bypasses the Hardened Runtime and Entitlement protections: the first is intended to protect against malicious code and memory manipulation, while the second controls access to the microphone, camera and other computer components.
This makes it possible to place a dynamic library on a computer that is launched on behalf of Telegram with its permissions, which allows sound and video to be recorded secretly and the recordings saved to a file. If the LaunchAgent mechanism is used, such a malicious library can launch itself after the computer restarts, with no need to open the messenger.
The problem arose because macOS does not strictly require applications to support Hardened Runtime, while iOS does.
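A defender can check an installed app for the two protections described above. The following is an added example, not code from the original report or from Telegram: it parses the text printed by `codesign -dv` and an entitlements plist exported as XML, and reports whether the Hardened Runtime flag is missing or library validation has been relaxed. The function name, finding labels and sample inputs are assumptions constructed for illustration.

```python
import plistlib
import re

CS_RUNTIME = 0x10000  # code-signature flag set when Hardened Runtime is enabled
DEVICE = {"com.apple.security.device.camera",
          "com.apple.security.device.audio-input"}
WEAKENING = {  # entitlements that relax dylib loading rules (labels are ours)
    "com.apple.security.cs.disable-library-validation": "library-validation-disabled",
    "com.apple.security.cs.allow-dyld-environment-variables": "dyld-env-vars-allowed",
}

def audit(codesign_text: str, entitlements_xml: bytes = b"") -> dict:
    """Flag signing settings that let a foreign dylib load into the app."""
    m = re.search(r"\bflags=0x([0-9a-fA-F]+)", codesign_text)
    flags = int(m.group(1), 16) if m else 0
    ents = plistlib.loads(entitlements_xml) if entitlements_xml.strip() else {}
    granted = {k for k, v in ents.items() if v is True}
    findings = []
    if not flags & CS_RUNTIME:
        findings.append("no-hardened-runtime")
    findings += [label for key, label in WEAKENING.items() if key in granted]
    # Device entitlements show what an injected library would inherit.
    return {"findings": findings,
            "device_entitlements": sorted(granted & DEVICE)}

# Constructed sample inputs, not captured from any real application.
UNHARDENED = ("Identifier=com.example.chat\n"
              "CodeDirectory v=20400 size=512 flags=0x0(none) hashes=8+3\n")
HARDENED = ("Identifier=com.example.chat\n"
            "CodeDirectory v=20500 size=512 flags=0x10000(runtime) hashes=8+7\n")
HARDENED_ENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>com.apple.security.device.camera</key><true/>
<key>com.apple.security.device.audio-input</key><true/>
<key>com.apple.security.cs.disable-library-validation</key><true/>
</dict></plist>"""

if __name__ == "__main__":
    print(audit(UNHARDENED))
    print(audit(HARDENED, HARDENED_ENTS))
```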