Security News > 2021 > August > MacOS Flaw in Telegram Retrieves Deleted Messages
A vulnerability in a high-level privacy feature of Telegram on macOS that sets up a "Self-destruct" timer for messages on both the sender's and recipient's devices can allow someone to retrieve these messages even after they've been deleted, a researcher has found.
Reegun Richard Jayapaul, Trustwave SpiderLabs Lead Threat Architect, discovered the flaw in the Self-Destruct feature of Telegram MacOS, which is part of the Secret-Chats aspect of the messaging app that uses end-to-end encryption.
Telegram in general is widely viewed as one of the more secure messaging apps; many users have opted to switch from Facebook's WhatsApp to Telegram because they are concerned about their privacy.
In the first scenario, Shared Location, video and audio messages can leak even after the messages have been timed to self-destruct on both the sender's and recipient's device, he wrote.
Jayapaul discovered the flaw in macOS Telegram version 7.5, where any shared location, audio, video or documents sent via the app are stored in the Telegram cache in the following path: "/Users/Admin/Library/Group Containers/XXXXXXX.ru.
The second scenario depends upon the recipient of the message going into the cache folder to grab the file that's set to self-destruct, or deletes the messages without reading them within the Telegram app.
News URL
https://threatpost.com/macos-flaw-in-telegram-retrieves-deleted-messages/168412/