Skip to content

Server-Side Bug Allowing Malicious Actors in Voice Chats #3274

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
IRGC opened this issue Mar 13, 2025 · 0 comments
Open

Server-Side Bug Allowing Malicious Actors in Voice Chats #3274

IRGC opened this issue Mar 13, 2025 · 0 comments

Comments

@IRGC
Copy link

IRGC commented Mar 13, 2025

Hello @levlam ,
I’m reporting a potential server-side bug affecting our large Telegram supergroups, where users engage in text and voice chats. We’re frequently disrupted by malicious actors who join voice chats as private channels and verbally abuse admins and participants. These individuals were previously banned for inappropriate behavior, yet they persist in joining.
When we try to remove these abusive private channels from the voice chat participant list, they remain despite the mobile app showing them as banned. Attempts to address this via userbot or MTProto result in a CHANNEL_PRIVATE error.
This issue has been ongoing for a long time. I’ve submitted multiple reports via the TDLib bot and bugs.telegram.org, but I’ve received no response. I’m now seeking your help.
Please provide clear answers to these questions:
Are private channels meant to join voice chats by design?

If yes, why can’t we ban or kick them?

If no, how are they able to join voice chats?

I’d appreciate your prompt attention to this matter.
Thank you.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@IRGC