Snoop all Telegram messages – Vitor Ventura
Abstract
Privacy is important for all kinds of people no matter what business or social status they are in. One of the cornerstones of privacy in our days is the secure messaging applications like Telegram, which deploy end-to-end encryption to protect the communications. At the same time these kind of applications have become so important that bug buying companies are now paying up to $500,000 for exploits on these platforms or just $15,000 for information disclosure exploits. It is no news that Telegram has been targeted by several intelligence agencies to allow the interception of messages. Several clone applications have been created and distributed with the intent of spying on their users. Telegram however, can be abused allowing the message interception on non-rooted Android device and without replacing the official application.
Bio
Vitor Ventura is a Cisco Talos security researcher. Has a researcher, he investigated and published various articles on emerging threats. Most of the days Vitor is hunting for threats, investigating, them reversing code but also looking for the geopolitical and/or economic context that better suits them. Vitor has been a speaker in conferences, like Recon and BSides Lisbon among others. Prior to that he was IBM X-Force IRIS European manager where he was lead responder on several high profile organizations affected by the WannaCry and NotPetya infections, helping to determine the extent of the damage and to define the recovery path. Before that he did penetration testing at IBM X-Force Red, where Vitor lead flagship projects like Connected Car assessments and Oil and Gas ICS security assessments, custom mobile devices among other IoT security projects. Vitor holds multiple security related certifications like GREM (GIAC Reverse Engineer Malware), CISM (Certified Information Security Manager).