Telegram for Mac found to not really destroying 'self-destructing' videos

Home » Apps

Reading time icon 1 min. read

Calendar icon Published on

by Surur Davids 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

telegram self-destructing video

Telegram’s main selling point is that their chat network is secure and private, but it appears the company has failed users on the Mac on both accounts.

Security researcher Dhiraj Mishra has discovered that Telegram was not actually deleting so-called “self-destructing” videos on the MacOS computers of recipients.

The issue is that Telegram was saving all media to the same directory, which was visible in regular chats, but hidden in private chats. The media was still however being stored in the same location, which was accessible to the end-user, who could then simply view and copy the media from there.

Mishra also discovered a second vulnerability in the MacOS software. Users can apply a passcode to open the app, but this password was being stored in plain text in a JSON file which could be read by anyone with access to the computer.

Mishra has informed Telegram of the issues, and they have fixed them with version 7.4 of the app, but the issue reflects very badly on the security of the app in general.

via Winfuture, BleepingComputer.

Surur Davids

Surur Davids Shield

Smartphone Expert

Surur Davids is the founder of WMPoweruser which later became MSPoweruser.com. He's a smartphone expert with over a decade of experience.

User forum

0 messages