Listen Live
    Telegram messenger logo on a tablet screen. (File)

    Cybersecurity Researcher Receives Reward From Telegram for Uncovering App Bug

    © Sputnik / Natalia Seliverstova
    Tech
    Get short URL
    160
    Subscribe

    MOSCOW (Sputnik) - Dhiraj Mishra, an IT security researcher, has stated that he was awarded a financial bounty by the Telegram messaging service after he had uncovered a privacy bug which did not allow users to completely delete messages sent to recipients, even though it was that particular feature that has gained the messaging app its current popularity.

    "We are abusing a well-known feature of deleting messages here, which allows users to delete messages which are sent by mistake or genuinely to any recipient. It was observed that once the message (image) is sent to the recipient, it still remains in the internal USB storage of the recipient which is located at `/Telegram/Telegram Images/` path", Mishra said.

    "Telegram is a messaging app which focuses more on privacy files here, nevertheless, I reported this to the Telegram security team and followed the responsible disclosure guidelines, and a fix was pushed for this issue in version 5.11 in Telegram for Android. Also, I was awarded a bounty of 2,500 euros [$2,760]", he added.

    The statement comes after Telegram updated on 9 September its app to version 1.8.4 for iOS and version 5.11 for Android, saying it would feature "bug fixes and other minor improvements".

    Telegram currently has over 10,000,000 downloads on the Google Play Market for Android and is ranked as the number two social networking app on the App Store for iOS.

    Tags:
    Cyber Security, Telegram group, Russia
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik