The Telegram chat app has benefited from the increase in the number of new users leaving WhatsApp, but those who were hoping that their audio and video recordings would be safe with Telegram might want to reconsider using the app.
According to experts, the “Telegram” platform is considered slightly less secure than it was originally thought, due to a bug that allows access to self-destructing audio and video messages long after the sender and recipient believed that these messages had been permanently deleted. The error, which affected the “macOS” version of the messaging service, comes a few weeks after millions of new users joined Telegram, following the announcement of a new privacy policy for the “WhatsApp” application, owned by “Facebook.”
Security researcher Dheeraj Mishra discovered the latest privacy-threatening vulnerability in the Telegram app. This vulnerability is in macOS version 7.3. Telegram was notified of the problem on December 26, 2020. After the update on January 29, the issue was resolved in version 7.4 of the “macOS” app.
Unlike Signal and WhatsApp, Telegram does not use end-to-end encryption for its messages by default. Instead, users need to sign up for a mode called “Secret Chat”, to enable this important privacy measure. When this mode is enabled, users have the option to send “self-destruct” messages that prevent anyone outside of the sender and recipient from seeing the contents (including Telegram itself).
However, Mishra discovered that when recording audio or video messages on the “macOS” application, the “mp4” recording on the laptop’s hard drive could be tracked. Once you know where the file is stored, it is possible to dive into the folders on your Mac and recover the registry, even when it disappears from the Telegram chat window. Even though playing the video or listening to the audio is no longer possible within the app, the file itself is not deleted and remains available as long as you know where it is.