Reuters journalists report that Telegram Messenger in Iran has suffered the most extensive compromise of user accounts in history. Hackers obtained information on more than 15 million phone numbers of messenger users and gained access to a dozen accounts. They took advantage of the most vulnerable point in Telegram: the process of activating new devices, which relies on SMS text messages.
Telegram is a very common messenger in Iran, where its audience reaches 20 million people. It is used by many civil activists and journalists, as it provides a high level of security for the data sent. When a user activates a new device, Telegram sends an activation code to it in a special SMS message. This code can be intercepted at the level of a telecommunications company and end up in the hands of hackers.
According to Reuters experts, this is not the first time that Telegram accounts have been compromised through interception of activation codes in SMS messages. For civil society activists who want to protect themselves from any kind of state involvement in their activities, telecommunications companies' access to this process can be critical for security.
The phone numbers disclosed total 15 million.
The information obtained as a result of the attack can be used to de-anonymize users and determine their location, which plays into the hands of special services that work in the interests of the state. With an activation code at their disposal, attackers can add their own device to the victim's account and gain access to the correspondence. This type of attack does not apply to messages sent in secret chat mode, since they are not stored in the cloud and are only accessible from the device that initiated the secure connection.
Security experts criticize Telegram not only for the aforementioned vulnerability, but also because the MTProto encryption protocol is closed to open auditing. In addition, unlike WhatsApp or iMessage, Telegram does not use E2EE by default, which can also be regarded as a security flaw, since users, as a rule, keep the messenger's default settings without switching to secure chat mode.