Cyber security

Telegram Trilateration – Exploring The Risks

It took them over a YEAR to realize their mistake but they FINALLY lowered the accuracy of the “People Nearby” function.

Or it might be that the huge sudden outburst of negativity from Russian and Ukrainian media has finally made them come to senses.

Either way, when you run the function now, you will only see results of 500m1km2km, etc. I have little faith left in Telegram when it comes to privacy and taking issues seriously.

This repository will stay online, but be adviced that none of the data collection methods in here will work as expected.

Some Posts About This Repository:

[UA] (Focus.ua) Вирахують навіть президента: Telegram дозволяє дізнатися координати людей із точністю до метра

[RU] (CNews.ru) Telegram превратился в легальное средство слежки за передвижениями пользователей

[RU] (Habr.com) Telegram позволяет узнавать координаты людей с точностью до метра

[EN] (OS2INT.com) APPLYING EFFECTIVE OSINT TO GEO-MONITOR RUSSIAN MILITARY ACTIVITY


UPDATE: API method

Turns out Telegram offers the possibility to request people nearby using their API. This means what the entirety of the “Scraping” section in this repository became obsolete… Sigh…

Doing this requires about ~30 lines of code, instead of the spaghetti mountain I created by making an entire OPTICAL OCR SCRAPER AND PARSER… What was I thinking anyway?

TL;DR: I made a new script that can do the same thing, only much better and more stable.


Disclaimer

I have tried reaching out to Telegram via email. (Feb 22th 2021)
After more than 1 month of no reply, I decided to open up this repository.

I AM NOT ACCOUNTABLE FOR ANY DAMAGE OR ILLEGAL ACTIVITY DONE BY END USERS! USE AT YOUR OWN RISK AND DISCRETION!

A while back, Telegram rolled out a new (Opt-in) feature which allows users to find people and groupchats close to their location.

This “Feature” allows you to see the relative distance between you and a user in meters! By abusing that data we are able to pinpoint someone’s general location.

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

3 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

3 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

3 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

3 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

3 weeks ago