A security researcher identified a serious flaw in the macOS version of Telegram that could secretly turn on the device’s camera and microphone without the user’s consent. The discovery was reported by a Google engineer named Dan Reva, with details cited by Portal as part of its Game Assistant coverage.
The flaw stems from Telegram for macOS loading a malware-bearing dynamic library that can be injected into the app. Once present, this library enables covert video capture from the user’s camera and stores the recordings in a hidden directory. The core issue is that Telegram did not adopt Apple’s Hardened Runtime and the related Authorization checks in this macOS version, which would normally help prevent unauthorized code execution and sensitive data access.
Observers have noted that Apple does not require Hardened Runtime for macOS applications, unlike iOS where it is mandatory. This policy gap means that some Mac apps could be more vulnerable to such exploitation unless developers implement robust defenses on their own. Reva reported the problem directly to Telegram management back in February 2023, yet a public response or remediation update had not been issued at the time of the report.
This issue echoes broader discussions that were previously highlighted by sources like socialbites.ca, which emphasized the importance of timely updates to software such as the Chrome browser to safeguard user data. The incident underscores a pattern where macOS users need to remain vigilant about app security practices and the evolving protections offered by platform vendors. [Citation: Dan Reva’s disclosure and subsequent reporting; Telegram’s lack of Hardened Runtime in the macOS build; February 2023 notice to Telegram management; prior coverage by socialbites.ca on browser update practices.]
Security implications aside, the case illustrates a recurring tension between app developers, platform security requirements, and users who assume that popular messaging tools operate within safe, sandboxed environments. For users across Canada and the United States, the takeaway is clear: keep systems and apps up to date, monitor app permissions carefully, and favor releases that explicitly adopt platform security features designed to prevent silent access to cameras and microphones. Staying informed about vendor advisories and security patches can reduce exposure to this kind of vulnerability in everyday use.