Telegram Update Adds Video Transcription, Group Chat Topics, Collectible Usernames, and MORE
(Photo : Carl Court/Getty Images) LONDON, ENGLAND - MAY 25: A close-up view of the Telegram messaging app is seen on a smart phone on May 25, 2017 in London, England. Telegram, an encrypted messaging app, has been used as a secure communications tool by Islamic State.

Telegram users should not let their guard down when relying on the 'Secret Chat' feature for their safety. The latest news revealed that it did not entirely remove deleted files, so your confidential messages and passwords are still at high risk of being exposed.

What's Dangerous About Telegram's 'Secret Chat'?

According to users, self-destructing media files were reportedly still stored on macOS devices. While 'Secret Chat' boasts stronger security guarantees for users than other messaging apps, it has recently shown a flaw that needs an immediate solution.

In a Secret Chat, the connection should exist only between you and the person you are talking to. Telegram uses end-to-end encryption in the process, so your messages cannot reach other people. Meanwhile, media files can be configured so that they are automatically deleted from your device once a particular time frame has expired.

Furthermore, Bleeping Computer reported that Dhiraj Mishra, who according to his LinkedIn profile is a Cognosec security consultant, revealed that Secret Chat is vulnerable in the 7.3 update. For users, the assurance of being safe in Telegram is just the tip of the iceberg.

To test whether the feature really removes media files, Mishra conducted a security audit of Telegram on a macOS device. The University of Mumbai graduate found that the sandbox path for stored media files could be exposed via standard chats. In Secret Chat the path remains hidden, but the audio and image media files are still kept in the same folder.

"In my case the path was (/var/folders/x7/khjtxvbn0lzgjyy9xzc18z100000gn/T/). While performing the same task under the secret chat option the MediaResourceData(path://) URI was not leaked but the recorded audio/video message still gets stored on the above path," Mishra said in his blog post entitled 'The "P" in Telegram stands for Privacy.'

Moreover, the user could still access the actual files through the folder on their computer even after the media had self-destructed and been deleted from the chat.

Mishra gave an example in which Alice, the victim, sends a media file (either an audio or a video message) to Bob, the attacker on macOS. The message is deleted after 20 seconds. However, despite Alice understanding that the file has now been removed from storage, it is still in the path that Bob created.
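
A way to audit your own Mac for the leftover files described above, as an added example that is not code from Mishra's post or from Telegram. It walks the per-user temporary directory (the /var/folders/.../T/ location quoted above) and reports files whose header matches a common media container and that are older than the self-destruct timer. The signature list, function names and the 20-second default are assumptions.

```python
import os
import tempfile
import time

# Header signatures for common media containers (assumed list, not from the report).
SIGNATURES = [
    (0, b"OggS", "ogg"),
    (0, b"RIFF", "riff (wav/avi)"),
    (0, b"\xff\xd8\xff", "jpeg"),
    (0, b"\x89PNG\r\n\x1a\n", "png"),
    (4, b"ftyp", "mp4/m4a/mov"),
]


def sniff_media(path):
    """Return a container label if the file header matches a known signature."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(16)
    except OSError:
        return None  # unreadable, or removed while scanning
    for offset, magic, label in SIGNATURES:
        if head[offset:offset + len(magic)] == magic:
            return label
    return None


def find_leftover_media(root=None, older_than=20, now=None):
    """List (path, label, age_seconds) for media files older than the timer."""
    root = root or tempfile.gettempdir()  # $TMPDIR, /var/folders/.../T on macOS
    now = time.time() if now is None else now
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue  # do not follow links out of the temp tree
            label = sniff_media(path)
            if label is None:
                continue
            try:
                age = now - os.stat(path).st_mtime
            except OSError:
                continue
            if age >= older_than:
                hits.append((path, label, int(age)))
    return sorted(hits)


if __name__ == "__main__":
    for path, label, age in find_leftover_media():
        print(f"{age:>8}s  {label:<16} {path}")
```

Other applications also write media to the temporary directory, so a hit shows that a file lingers there, not which program left it.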

For the security analyst, Telegram failed to address its users' privacy concerns. Because of the flawed feature, the app failed to protect a person in a case like this attack, since the files remained where they should not be.

As a precaution, users should keep the bug in mind when sending files to a recipient, since sensitive videos could become a much more serious concern in the long run.

How to Access the Passcode?

Last month, the Telegram 7.4 update already solved the issue, so if you use macOS, see to it that your client software is updated. Otherwise, you cannot fix the problem unless you stop sending messages in Secret Chat, but you can access the plain-text storage for your local passcode.

To access the saved passcodes, head to Users/[username]/Library/Group Containers/6N38VWS5BX.ru.keepcoder.Telegram/accounts-metadata, which you will see as a JSON file.

This article is owned by Tech Times.

Written by Joen Coronel

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.