
Intelligence agencies have begun intercepting Telegram authorization SMS codes

It appears that SMS authorization in the Telegram messenger has been compromised. Pavel Durov himself warned users about this today.

“Apparently, the security services of the Russian Federation decided to put pressure on communication operators so that they began to intercept the authorization SMS code. Usually this is found only within the framework of cannibalistic regimes that do not care about their reputation: Central Asia, and sometimes the Middle East. But suddenly it happened in Russia (unless, of course, cutting off corruption within the MTS),” says Pavel Durov.

“I have already published a recommendation for residents of problem countries; we will also do a mass Telegram mailing in Russia advising all endangered users to enable two-factor authentication, as Russian telecom operators are unreliable as a verifier.”

“How I use Telegram: there is a two-factor authorization (account password), the account is tied to a SIM card of adequate jurisdiction, the most delicate moments are discussed in secret chats. In principle, each of these measures separately allows you to protect important information. The risk arises when all of the above is missing.”

On April 29, one of the users, Oleg Kozlovsky, described in detail how the authorization SMS code was intercepted and his Telegram account hacked.

This is how events developed, in his words.

At 2:25 am, the MTS technological security department turns off the SMS delivery service for me.

After 15 minutes, at 2:40, someone from a Unix console at the IP address 162.247.72.27 (this is one of the Tor anonymizer servers) sent a request to Telegram to authorize a new device with my phone number.

I was sent an SMS with a code that was not delivered (the service is disabled for me).

At 3:08, the attacker enters an authorization code and gets access to my account. Telegram sends me an automatic notification of this (which I will read only in the morning).

At 3:12, the account of Georgiy Alburov is hacked in the same way from the same IP address (i.e., through the same Tor session).

At 4:55, the MTS technological security department turns the SMS delivery service back on for me.

I refused to name the reason for the disconnection and activation of the MTS service, suggesting that I write a written request.

The main question is how unknown persons got access to the code that was sent by SMS, but not delivered. Unfortunately, I have only one version: through the SORM system or directly through the MTS technical security department (for example, after a call from “competent authorities”). If there are other options, suggest them.

The main recommendation for all Telegram users: enable two-step authorization (i.e., not only SMS, but also a password). This is done in the security settings.

The main recommendation for Telegram: do not accept the authorization code if you have not received confirmation of its delivery.
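
The last recommendation, refusing a code whose SMS was never confirmed as delivered, sketched as a server-side check. This is an added example, not Telegram's code or part of the original post; the class, the receipt status strings, the phone number and the 300-second code lifetime are all assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass

CODE_TTL = 300  # seconds a login code stays valid (assumed value)

@dataclass
class PendingLogin:
    code: str
    issued_at: float
    delivered: bool = False  # set only by a carrier delivery receipt

class SmsLoginVerifier:
    """Hypothetical server-side login flow; not Telegram's implementation."""
    def __init__(self):
        self.pending = {}  # phone number -> PendingLogin

    def issue_code(self, phone, now):
        code = f"{secrets.randbelow(10**5):05d}"
        self.pending[phone] = PendingLogin(code, now)
        return code  # handed to the SMS gateway, never to the client

    def on_delivery_receipt(self, phone, status):
        # Delivery report from the SMS gateway for the last code sent.
        entry = self.pending.get(phone)
        if entry is not None:
            entry.delivered = (status == "DELIVERED")

    def verify(self, phone, submitted, now):
        entry = self.pending.get(phone)
        if entry is None or now - entry.issued_at > CODE_TTL:
            return "rejected: no valid code"
        if not hmac.compare_digest(entry.code.encode(), submitted.encode()):
            return "rejected: wrong code"
        del self.pending[phone]  # single use, whatever the outcome below
        if not entry.delivered:
            # A correct code for an SMS that never reached the handset was
            # read somewhere between the server and the subscriber.
            return "rejected: code was never delivered"
        return "accepted"

def replay(receipt_status):
    # Constructed scenario: code requested, receipt arrives, code entered.
    v = SmsLoginVerifier()
    code = v.issue_code("+70000000000", now=0.0)
    v.on_delivery_receipt("+70000000000", receipt_status)
    return v.verify("+70000000000", code, now=120.0)
```

The delivery receipt comes from the same operator that carries the SMS, so this check only catches the situation described above, where delivery to the subscriber is switched off. The account password remains the control that does not depend on the operator.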

Source: https://habr.com/ru/post/393501/

