Telegram Info English

Telegram for Android and iOS updated to version 12.7 In the May update, the app received a number of useful tools aimed at combating vote manipulation in polls and reaction spammers in groups. • Custom styles for the AI editor: Telegram now lets you create your own styles within the AI-powered editor. Simply come up with a name, pick an icon from custom emojis, and write a prompt for the language model. Finished styles can be shared with other users — when opening the link, they'll see examples of how the style transforms text. Creators can also choose to display a link to their profile in the style preview window. • New poll tools: Administrators can now restrict voting to subscribers who joined the channel at least 24 hours ago. They can also set geographic restrictions, allowing only users from specific countries to participate in a poll. • Removing reactions in groups: Group admins with the "Delete messages" permission can now remove reactions to any message. To do so, open the full reactions list and long-press the user. It is also possible to restrict reactions in group chats — either for all members or for a specific user. • Business bots for all users: Telegram now allows any user to connect business bots to their account, even without Telegram Premium. These bots can automatically handle chats and interact with customers. Since the launch of Telegram Business in 2024, this feature had been available exclusively to Premium subscribers. Other changes • An option to send scheduled messages silently has been added. • Markdown files (.md) up to 64 KB now open in Instant View mode. • Poll statistics are now available for polls with at least 100 votes. • Bots that power automated tools and AI assistants in Telegram can now be invoked directly from the message input field (guest mode support for bots). Article: telegram.org/blog/ai-bot-revolution-11-new-features/ Download the update • Android: Google Play, APK from the official website or verified channel. • iOS: App Store. #update #Android #iOS

Telegram Info English: Passkeys in Third-Party Telegram Clients Instructions describing how Passkey authorization works for third-party clients have appeared in the Telegram API documentation. The main caveat of this new feature is that Passkeys will not be universal. You will not be able to log into the official Telegram app using a passkey created in a third-party client (and vice versa). As a reminder, late last year Telegram added support for Passkeys — a convenient and secure way to log into your account using biometrics or a PIN code without needing SMS. In our FAQ at the time, we clarified that this option was only available in official Telegram clients.

💬 You can only use Passkeys to log into an existing account. Creating a new account still requires receiving an SMS code.

How This Will Work Now, developers of alternative clients have the opportunity to implement this feature, but with a significant limitation:

Passkeys only work in the app where they were created. A Passkey from the official Telegram app will not work for a third-party client, and a key from a third-party app cannot be used in either the official Telegram app or any other unofficial builds.

Why Is This Happening? This kind of isolation is not an artificial restriction imposed by Telegram, but rather a limitation of the Passkeys technology itself, which prohibits using keys on third-party websites and apps to protect against phishing. The @tginfo editors note that the introduction of Passkeys support for third-party apps is a positive sign. Despite the technically inevitable fragmentation of keys, Telegram is not leaving users of alternative clients without modern security methods, providing them with a reliable alternative to OTP over SMS, which is expensive and sometimes unavailable in countries where Telegram is banned. #security #authorization #passkey

British Regulator Ofcom Launches Investigation into Telegram The British communications regulator Ofcom has launched an investigation into Telegram regarding its compliance with obligations to combat illegal content under the local Online Safety Act 2023. According to Reuters, the investigation was prompted by data from the Canadian Centre for Child Protection regarding the spread of child sexual abuse material (CSAM) on the platform, as well as the regulator's own assessment. If violations are found, platforms could face fines of up to £18 million or 10% of their global turnover. Telegram's Position • The messenger "categorically" denies Ofcom's accusations. • The company claims that since 2018, the public distribution of CSAM on the platform has been "virtually eliminated" thanks to the work of automatic detection algorithms. • Telegram stated they are surprised by the investigation and concerned that it might be "part of a broader attack on online platforms that defend freedom ​of speech and the ​right to privacy". • A day earlier, Pavel Durov noted that "protecting children" has become a standard PR move for lawmakers to gain control over media narratives. Context This is not Telegram's first clash with regulators over CSAM. In February 2025, the Australian regulator eSafety fined the messenger $600,000 for delaying a response to a similar request. In response, the company abandoned its usual passive stance, moved to active legal defense, and sued Australia, challenging the legality of the fine. At the end of 2024, Telegram officially agreed to cooperate with the Internet Watch Foundation (IWF) — one of the key organizations maintaining CSAM signature databases. Our team has also extensively analyzed Telegram's internal moderation processes based on reports for eSafety: the disclosed documents reveal that photos and videos in all private groups and channels on the platform are automatically scanned against known illegal materials. Recently, the UK has been consistently ramping up pressure on social media. Earlier this year, to comply with local legislation, Telegram already had to launch an experimental facial age verification system for British users. It is worth noting that in recent years, under the banner of child protection, European countries have been increasingly pushing requirements that could violate privacy of communications and live. For example, due to requirements from this same Ofcom, Apple was forced to disable E2E encryption for iCloud backups, and the European Union is developing the EU Chat Control law, which is similar to the British OSA in its invasiveness. #UK #moderation #laws

New Limits on Poll Participation In the source code for Telegram Desktop, there are lines of code that show the addition of tools to track and stop poll-rigging: • The option to allow voting only for users who subscribed to the channel at least 24 hours ago. • The ability to allow voting only to users from a selected country (or multiple countries). • The ability to view poll statistics. Let us remind you that in 2020, the Telegram team had already created polls in which the answer options were available only to users with Belarusian SIM cards. It remains unclear, however, whether the platform will allow channel administrators to disable voting for subscribers who join the channel after a poll is posted or whether it will make the same mistake as with giveaways, where this option is also unavailable. #Desktop #polls

Telegram Plans to Fight Spam Reactions Soon, group admins will be able not only to ban users who leave reactions but also to delete reactions from such users, Pavel Durov announced. Moderator bots that use the Bot API will be able to do this too, the message clarifies:

“The problem with spam bots in reactions is understood. We have started working on solving it. Soon it will be possible to ban users from the reactions list and remove all existing reactions of this user in the chat. The same will be available to automatic bot moderators in the Bot API”.

Just a few days ago, Durov mentioned on his channel that the messenger team is working on tools to detect inauthentic votes in polls and protect the results from manipulation.

Telegram Allowed Bots to Chat with Each Other Since the Telegram Bot API was introduced, bots could not see each other's messages — the platform would simply hide messages and events from other bots to prevent feedback-loop errors. Starting now, bot developers can opt in to bypass this restriction. • In Chats The change allows admins to build complex reaction chains. For example, a bot can trigger another bot, while logging systems record all bot actions in the chat. • Through Business Accounts Business bots will be able to send private messages to other bots on your behalf. You can opt in to the change in @BotFather by activating the “Bot-to-Bot Communication” toggle. You can learn more in the documentation on Telegram's official website. #bots #BotAPI

Telegram Might Get Tools for Fighting Poll Manipulation In his personal Telegram channel, Pavel Durov mentioned that the messenger is working on tools that will help channel owners detect rigging in polls and protect the results from manipulation. Telegram's CEO listed the following measures: • Poll statistics. • Limit voting to channel subscribers. • Limit voting to users from select countries. In the past, Telegram has already used region-gating to prevent poll rigging, but only on a case-by-case basis — for example, during the 2020 protests in Belarus, Telegram published a poll in which only users with Belarusian SIM cards could vote. Similarly, the messenger already allows channel owners to limit their giveaways to select countries. Detailed voting statistics are very useful for detecting anomalies during polling. You could already see this feature in Pavel Durov’s previous product, VK․com, where it was added back in 2012, when Pavel was still its CEO. The new set of features is likely inspired by rigging in a political poll that Pavel Durov happened to notice. He shared that most of the fake votes were made by accounts originating from “exotic countries”. There are still no details on what poll stats will look like. At the same time, the tools for limiting the poll audience appear to be very similar to ones that are already available for giveaways, from which we can speculate about how they will work: • Voter's Country Usually, Telegram infers a user's region from the country where the account's SIM card is registered. • Limiting to Channel Subscribers Surges of bot subscribers are a very common problem admin channels face when they hold giveaways. Bot farm owners command their accounts to join channels with active giveaways to get free Premium subscriptions, while the channel owners have no tools to retaliate. Without an “only existing subscribers can vote” option, polls can inherit this problem.

Main Announcements From Telegram Summit 2026 Telegram's closed conference Telegram Summit 2026 concluded today, where the messenger's team presented revolutionary new features for the upcoming year. The @tginfo editors closely followed the presentation and have collected the most important announcements from the event. AI Innovations • Smart media compression. To save server space, photos and videos in old chats will be replaced with their brief text descriptions generated by an AI. If you need to view a deleted file, the messenger will recreate it from the text. In addition, all voice messages longer than three minutes will be forcibly transcribed, and their originals permanently deleted. • Replacing the declining audience with AI agents. If your chat partner hasn't logged into the app for a month, the messenger will automatically create a language model based on their chat history that will continue to respond to new messages. The developers call this an innovative solution to the problem of empty contact lists: no one wants to use a messenger if they can't chat with their friends. This is especially relevant in Russia, where the user base is declining amid a ban on the messenger. Media • Static Videos. In addition to animated photos (Motion Photos), the messenger is working on support for Static Videos. The new feature is designed to improve the user experience in conditions of throttled internet. • Square video messages. The classic "circles" will become an exclusive privilege for Telegram Premium subscribers. Users of the basic version of the messenger will only be able to send square videos. Content and Community Quality • The 🤡 reaction will become paid. Using the clown emoji in channels and chats will become a paid feature. By leaving this reaction under a post, users will automatically transfer 5 stars to its author. • "Revolution" in channels. The audience will get the opportunity to impeach channel administrators for low-quality content and vote to transfer ownership rights to a new owner. To avoid abuse of the system, every vote will be subject to a fee. • Telegram Premium for families. The team is testing a family subscription. However, at the moment, it is available only to Pavel Durov's biological children. As the company notes, "a large-scale beta test has already been launched, and the plan has become available to a hundred users."

Telegram for Android and iOS Updated to Version 12.6 The April update is live and brings many new features in it: • Poll improvements across the board: deadlines, media files in answers, random option order, and the ability for participants to suggest their own options. At the same tile, poll answer options have received separate links to specific voting options, as well as the ability to reply to them, copy, and delete user-suggested options. • AI text editor and translator: a built-in assistant for translation, error correction, style changes, and automatic emoji placement. A few uses are available for free, with increased limits for Premium. • Live & Motion Photos: support for viewing and sending "moving" photos (a short video before and after the shutter button was pressed). The sender can select one of the three playback styles in the media editor: Live, Loop, and Bounce. • Profile Playlist: search through saved tracks and add audio files directly from device storage and shared audio in Telegram. • Updated indicators: a redesigned look for mentions and reactions, as well as notifications about new votes in your polls directly in the chat list. Other Updates • Bots can now easily allow their users to create customized subagent profiles with custom name and profile picture, designed to replace manually creating bots and passing their tokens. • On iOS, easily scan documents with your camera and combine the scans into a PDF-file. • A warning when somebody is using an unofficial Telegram client. • Separate "Polls" tab in channel and chat profiles. • Stories now display the music file that was used on them. Article: telegram.org/blog/ai-editor-mighty-polls-and-more/ Download the update • Android: Google Play, Direct APK on the official website or verified channel • iOS: App Store. #update #Android #iOS

Main Announcements From Telegram Summit 2026 Telegram's closed conference Telegram Summit 2026 concluded today, where the messenger's team presented revolutionary new features for the upcoming year. The @tginfo editors closely followed the presentation and have collected the most important announcements from the event. AI Innovations • Smart media compression. To save server space, photos and videos in old chats will be replaced with their brief text descriptions generated by an AI. If you need to view a deleted file, the messenger will recreate it from the text. In addition, all voice messages longer than three minutes will be forcibly transcribed, and their originals permanently deleted. • Replacing the declining audience with AI agents. If your chat partner hasn't logged into the app for a month, the messenger will automatically create a language model based on their chat history that will continue to respond to new messages. The developers call this an innovative solution to the problem of empty contact lists: no one wants to use a messenger if they can't chat with their friends. This is especially relevant in Russia, where the user base is declining amid a ban on the messenger. Media • Static Videos. In addition to animated photos (Motion Photos), the messenger is working on support for Static Videos. The new feature is designed to improve the user experience in conditions of throttled internet. • Square video messages. The classic "circles" will become an exclusive privilege for Telegram Premium subscribers. Users of the basic version of the messenger will only be able to send square videos. Content and Community Quality • The 🤡 reaction will become paid. Using the clown emoji in channels and chats will become a paid feature. By leaving this reaction under a post, users will automatically transfer 5 stars to its author. • "Revolution" in channels. The audience will get the opportunity to impeach channel administrators for low-quality content and vote to transfer ownership rights to a new owner. To avoid abuse of the system, every vote will be subject to a fee. • Telegram Premium for families. The team is testing a family subscription. However, at the moment, it is available only to Pavel Durov's biological children. As the company notes, "a large-scale beta test has already been launched, and the plan has become available to a hundred users."

Telegram May Warn Chat Partners If You Use an Unofficial Client A new entry has been discovered in the translation string database for the official Telegram for iOS client, indicating the potential introduction of warnings when a chat partner is using a third-party messenger client.

"The user uses an unofficial Telegram client – messages to this user may be less secure," reads the string for translation.

The appearance of such a notification is likely related to the growing popularity of the Russian third-party client "Telega", which, unlike a regular proxy, sends messages to a Russian company's servers in a way that allows them to be decrypted and read there. Furthermore, Russian companies are legally obligated to store and hand over data to the FSB upon request. The @tginfo editors assume that Telegram isn't blocking this client directly as a compromise to maintain its position in the Russian market, but is striving to mitigate reputational risks: a single chat participant with an unofficial app is enough to put the remaining users at risk. It is unknown whether the warning will be displayed when a chat partner uses any alternative client, even one that is officially registered and follows the API ToS, or if the new feature will only affect apps that Telegram deems unreliable. @tginfo editors fear that if the new feature applies to all third-party apps, this warning could turn into visual noise. #iOS #security

On March 26, an entry ZDI-CAN-30207 concerning Telegram appeared in the database of the Zero Day Initiative — the largest independent vulnerability hunting program. The vulnerability was discovered by researcher Michael DePlante from Trend Micro. Details are classified: according to ZDI regulations, the specifics will be disclosed either as soon as the messenger fixes the issue, or on July 24, 2026, if it does not.

There is no information about the vulnerability being exploited "in the wild" by actual hackers. Right now, no one except the researcher and Telegram developers knows what the vulnerability entails.

The popular theory about animated stickers is speculation and rumor, not facts known from this entry. All other "details" being spread by media and channels are either conjecture or descriptions of already fixed old vulnerabilities. There is no need to panic. What to do: • Update Telegram immediately when new versions are released. • Use the official Telegram app to receive the update with the fix on the very first day. • No other specific protective measures can be taken — the nature of the vulnerability is unknown. Telegram's Reaction The messenger's press service stated to Durov's Code that the vulnerability does not exist. Their argument: all stickers are checked by servers, therefore "the existence of such an exploit is impossible". The @tginfo editors find this reaction strange. For some reason, Telegram commented specifically on the speculations about stickers, even though the attack vector has not been disclosed and might have nothing to do with them. It is unclear why the messenger chose to refute rumors instead of simply confirming their work on the ZDI report. The assertion itself that the exploit does not exist due to server-side verification is technically flawed: server validation is merely one of the protection layers, which itself can contain errors and may not cover all possible scenarios. Moreover, stickers that cause the Android app to crash still exist today, which already calls into question the comprehensiveness of the claimed check. The messenger's response to Durov's Code is a declaration, not an argument. It will only be possible to confirm or deny the existence of the problem after the details are published or a patch is released. What Open Data Says From the ZDI entry, the preliminary severity score — 9.8 out of 10 — and the attack vector parameters are known. If the assessment is correct, the vulnerability can be exploited remotely over the network, requires no user interaction and no system privileges, and, in the event of successful exploitation, potentially allows an attacker to gain full access to the user's data. These are serious parameters, however, the preliminary score is set by the researcher and may be adjusted. Context It is not the first time Telegram has faced critical vulnerabilities. In 2020, Shielder researchers discovered 13 vulnerabilities in the rlottie library for animated stickers, including out-of-bounds write errors that allowed for remote memory corruption on the device. Telegram fixed the specific bugs but did not change the processing architecture. Potentially, animated stickers remain a broad attack surface, so it cannot be ruled out that the new vulnerability exploits them specifically. In 2024, a flaw was discovered in Telegram Desktop that allowed programs to be disguised as videos, making it easier to convince a victim to click and launch them. In 2025, a similar EvilLoader vulnerability was found on Android. At the same time, the Russian vulnerability broker Operation Zero offered up to $4 million for zero-click exploits in Telegram, while a representative of the messenger told Forbes that "Telegram has never been vulnerable to zero-click exploits." Practice shows that Telegram prefers to patch specific holes without addressing systemic security problems, and such rhetoric about the "absolute impossibility" of exploits does not inspire confidence against the backdrop of this history.

Massive Update to Polls and AI Text Editor The messenger's team is testing several major new features in the Beta version of Telegram for Android 12.6. Here is a brief overview: • Poll improvements across the board: deadlines, media files in answers, random option order, and the ability for participants to suggest their own options. Poll answer options have received separate links to specific voting options, as well as the ability to reply to them, copy, and delete user-suggested options. • AI text editor and translator: a built-in assistant for translation, error correction, style changes, and automatic emoji placement. A few uses are available for free, with increased limits for Premium. • Motion Photos: support for viewing and sending "moving" photos (a short video before and after the shutter button was pressed). • Profile Playlist: search through saved tracks and add audio files directly from device storage and shared audio in Telegram. • Updated indicators: a redesigned look for mentions and reactions, as well as notifications about new votes in your polls directly in the chat list. #Android #beta #update

Telegram for Android and iOS Have Been Updated to Version 12.5 Here are the new features that became available in the March Telegram update: • Tags for non-promoted chat members: Non-admin members of group chats can now have a tag that will be placed next to their name. Tags of admins and owners now have a different color. • Disabling copying and forwarding DMs: You can now prevent the other side from copying, saving, and forwarding messages from private chats. To activate this, you need to go to the user's profile and select the menu item "Disable sharing". This is available only to users who have subscribed to Telegram Premium. • Interactive dates: You can now format a piece of text as date. When you tap on such text, you will be offered to set a reminder or add the date to the platform‘s calendar. Other Changes • The iOS app can now download media in the background. • You can now add a text caption to a GIF animation before sending it. • In public polls, the time of each user's vote is now displayed. • You can now directly edit stickers from any set, as well as create new ones based on the photos you're viewing. • The authorization system on websites via Telegram has been improved. • All bots can now use the text streaming functionality. Article: telegram.org/blog/member-tags-disable-sharing-and-more/ru Download • Android: Google Play, APK from the official site or verified channel. • iOS: App Store. #update #Android #iOS

Lifetime Limit on Posting Stories Without Premium Some users without a Telegram Premium subscription from several regions (including Russia, Ukraine, and European countries) have found themselves unable to post stories. The app informs them that the feature is available only with a subscription, while for other users it is available for free. Based on our own observations, @tginfo editors have deduced the following rule:

A user can post stories for free only if the total number of stories ever posted on their account is less than three. Moreover, there are important caveats.

How the Limit Works The counter is cumulative. It accounts for absolutely all stories posted during the entire existence of your account, including: • Stories you posted immediately after the feature appeared, when it wasn't paid yet. • Stories you have deleted. • Stories you posted earlier when you had an active Premium subscription. Thus, if you actively used stories with a subscription in the past but are now without it, your "free" limit is likely already exhausted. To post a new one, the app will require you to subscribe to Premium. How to Know When the Limit Is Reached The interface does not warn about reaching the limit in advance. If, when attempting to post, you see a popup "Posting stories is currently available only to subscribers of Telegram Premium." rather than a message about reaching the daily limit — this means your counter of free stories is completely exhausted. Confirmation From Developers The messenger's developers have confirmed that this is not a bug, but intended behavior. The restriction applies in regions where stories were initially introduced as a paid option. The @tginfo editors don't know whether the "3 posts for all time" limit applies to countries where this feature was free since launch. #stories #premium #limits

Posting Stories Becomes Available to All Users This evening, Telegram enabled the ability to post Stories without a Premium subscription for all users — including accounts associated with Iranian, Russian and Ukrainian phone numbers. At the same time, some users report that they still cannot post Stories without a subscription. The @tginfo editorial team suggests that access to the feature is being rolled out gradually. Within a 24-hour period, a user can post only one Story under their own name. To increase this limit to up to 100 Stories per day, a Premium subscription is required. Note that some options in the Story editor remain Premium-only, such as adding a link sticker and choosing the story duration. #Stories

Passkey Notifications Adding a crucial behavior that was absent at the launch of the feature, when a new passkey is added to your account, Telegram now sends out a notification to all your signed in devices — just like the one you get when you add a new device. Previously, the lack of these notifications posed a security threat: attackers could silently add their passkeys to anyone's account. The notifications will include the following information: • Passkey provider (for example: 🔒 Apple Passwords). • Device details: app version, phone model, and OS. • Location from which the passkey was added. • Instructions for listing active sessions. Important security considerations • Also when deleting a passkey, the user will receive a notification to all its signed in devices. • When all active sessions are terminated via «Settings › Devices», recently created access keys are automatically deleted along with the sessions. A notification about their deletions is sent afterwards. • It's only possible to add passkeys 24 hours after signing in. #security #authorization #passkey

Premium Subscription Is Now Sufficient for Sending Custom Emojis in Bots Bot developers have noticed that Telegram has changed the logic regarding premium emojis in bots. Previously, a bot could send custom emojis only if it had an NFT username linked to it. Initially, linking such a username cost 5,000 TON, and later the price was reduced to 1,000 TON. How it works now: • If a bot is created on an account with a Telegram Premium subscription, it can send premium emojis in messages. • If the account owner does not have Premium, the bot cannot use premium emojis. • The feature is tied specifically to the account owner, not to the bot having an NFT username. Important details: • Premium emojis do not work in the bot's inline mode. • The Telegram team has not yet commented on the change — this behavior may change. #bots #premium

Telegram Tests "Gift Crafting": Casino Mechanics and Asset Burning A new feature for gifts called "crafting" has been discovered in Telegram's code. The concept is simple: users will be able to combine multiple gifts into one to obtain a rarer item. @tginfo summarizes the mechanics found by teleLakel: • Risk of losing everything. The main feature is that the process does not guarantee success. Selected gifts may simply "burn". When combining two gifts, the chance of losing them is highest; with four, the risk is lower but still present. • Merging. You can use up to 4 gifts for crafting. The resulting item will inherit the ID of the first selected gift (e.g., if you select gifts in the order [100, 50, 200], the new gift will receive #100). • Color inheritance. If you combine 4 gifts of the same color, the result is guaranteed to have that same color. In other cases, attributes are rolled randomly. • Irreversibility. Gifts created this way cannot be used for crafting again. • Incompatibility with NFTs. teleLakel speculates that gifts previously minted on the TON blockchain as NFTs might be incompatible with the new mechanics. Why is this needed? Effectively, Telegram is introducing a gambling element. Users will face a choice: keep what they have or risk their assets for a chance to get a unique model. From a market perspective, this is a classic way to drive up prices. "Consumable" gifts will be burned in large quantities, their total supply will decrease, meaning remaining and newly created items could increase in value. The feature is not yet functional and may change by release. Crafting could become paid, the logic might change, or additional restrictions could be applied. Previously, the @tginfo team discovered that the Telegram team is working on a gambling game, Emoji Stake, which allows betting on dice rolls. The messenger team also introduced an auction system for gifts, allowing Telegram to sell new models for the maximum price offered by the market. @tginfo Editors Opinion: Untimely Gambling Introducing blatant gambling mechanics in early 2026 seems like a highly risky move. Telegram is going against the trend of platforms striving for regulatory compliance. • Brazil. Starting in March, a ban on selling lootboxes to children comes into effect. A local court has previously blocked Telegram, and repeated disregard for laws could cost the messenger this market. • EU and Australia. The European Union is preparing laws against "addictive design," while in Australia, such mechanics automatically assign an "18+" rating to the app, threatening removal from public access in app stores. #gifts

Telegram Mobile Apps May Expose IP Address via Quick Proxy Setup Links A security researcher discovered that Telegram's mobile apps do not warn users about potential IP exposure when clicking quick proxy setup links. While not a major danger for average users, this is undesirable for those concerned about being surveilled. The Core Issue Typically, clicking an external link or unsafe file triggers a warning pop-up. However, clicking a quick proxy setup link is handled differently: the app immediately attempts to connect to the server to check its availability, bypassing the warning entirely. An attacker can disguise such a link as a username or another hyperlink. The moment it is clicked, the app sends a request to the server controlled by the attacker, thereby revealing the user's IP address. • The issue affects only Android and iOS clients. • The @tginfo team independently confirmed that Telegram Desktop, macOS, Telegram X, and Web versions handle these links safely and do not automatically connect to proxy servers. The Risk is Low It is important to note that for most users, this problem is not critical. An IP address usually only reveals an approximate location (city level), and many users have dynamic IPs. Similar flaws, such as EvilLoader, have been fixed by the Telegram team in the past. We believe developers may disable the automatic check for proxies opened from formatted links in upcoming updates. For those whom IP privacy is critical, we recommend using a system-wide VPN. This is the only reliable way to prevent IP leaks across apps. #security