Cybersecurity Researcher Receives Reward From Telegram For Uncovering App Bug

(@FahadShabbir)

Cybersecurity Researcher Receives Reward From Telegram for Uncovering App Bug

MOSCOW (UrduPoint News / Sputnik - 10th September, 2019) Dhiraj Mishra, an IT security researcher, told Sputnikon Tuesday that he was awarded a financial bounty by the Telegram messaging service after he had uncovered a privacy bug which did not allow users to completely delete messages sent to recipients, even though it was that particular feature that has gained the messaging app its current popularity.

On Monday, Telegram updated its app to version 1.8.4 for iOS and version 5.11 for Android, saying it would feature "bug fixes and other minor improvements."

"We are abusing a well-known feature of deleting messages here, which allows users to delete messages which are sent by mistake or genuinely to any recipient.

It was observed that once the message (image) is sent to the recipient, it still remains in the internal USB storage of the recipient which is located at `/Telegram/Telegram Images/` path. Telegram is a messaging app which focuses more on privacy files here, nevertheless I reported this to the Telegram security team and followed the responsible disclosure guidelines, and a fix was pushed for this issue in version 5.11 in Telegram for Android. Also I was awarded with a bounty of 2,500 Euros [$2,760]," Mishra said.

Telegram currently has over 10,000,000 downloads on the Google Play Market for Android and is ranked as the number two social networking app on the App Store for iOS.

Related Topics

Your Thoughts and Comments