MOSCOW (Pakistan Point News / Sputnik - 13th February, 2021) Dhiraj Mishra, an IT security researcher, told Sputnik that Telegram, one of the world's leading messaging apps, had awarded him a financial reward for uncovering a bug which was significantly affecting users' privacy by leaving a local copy of self-destructing audio and video messages.
Telegram became the refuge of sorts for millions of instant messaging users after WhatsApp announced new policy that would mandate sharing data with parent company Facebook. The app topped the charts of the most downloaded apps in January 2021, surpassing TikTok, Signal and Facebook, app data provider Sensor Tower said last week.
"I identified a logical vulnerability in Telegram for macOS 7.3 (211334) Stable, which can have a significant impact on users' privacy. Telegram offers one of the core functionality of self-destructing messages under secret chat option. During my assessment I found that self-destructed messages (In this case recorded audio/video messages) are actually never deleted and leave a local copy under a custom/sandbox path," Mishra said.
Apart from the bug with the disappearing chats, Mishra has found that Telegram for macOS � the Primary operating system for Apple's computers � stored local pass codes in plain text.
Since uncovering the vulnerabilities, Mishra sent them to the Telegram security team on December 26 and both bugs have been fixed in the new Telegram version, released a few days ago. The IT security researcher was awarded 3,000 Euros ($3,637) by the messenger for reporting the bugs.
