Researcher Refuses Telegram’s Bounty Award, Discloses Bug

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

reader comments

42 with 35 posters participating

Share this story

Telegram patched another image self-destruction bug in its app earlier this year. This flaw was a different issue from the one reported in 2019. But the researcher who reported the bug isn’t pleased with Telegram’s months-long turnaround time—and an offered $1,159 (€1,000) bounty award in exchange for his silence.

Self-destructed images remained on the device

Like other messaging apps, Telegram allows senders to set communications to “self-destruct,” such that messages and any media attachments are automatically deleted from the device after a set period of time. Such a feature offers extended privacy to both the senders and the recipients intending to communicate discreetly.

In February 2021, Telegram introduced a set of such auto-deletion features in its 2.6 release:

Set messages to auto-delete for everyone 24 hours or 7 days after sending Control auto-delete

Read the article