The hijacking of messaging app Telegram, which is touted to be the most secure one, illustrates the dire state of cyber-security in the current scenario. According to Reuters, a group of Iranian hackers has not only accessed more than a dozen accounts, but has also got its hands on the phone numbers of 15 million users of the service in the country.
Iran is known to be the most active user of the encrypted communication service, with over 20 million users. The intrusion was detected by two independent cyber researchers, Collin Anderson and Claudio Guarnieri. The two, who have been studying Iranian hacker groups for the past three years, believe that users were compromised by an SMS redirection hack.
It has been stated that Telegram’s vulnerability lies in its SMS authentication feature for new accounts, which sends a verification message by SMS. This message was intercepted by the hackers, who could then add their own devices to the victims’ accounts, giving them full access to read messages, archived chats and the contact list of each user. They also took advantage of a programming interface built into Telegram to identify the 15 million Iranian phone numbers and the user IDs associated with them.
There is currently no evidence, but the cyber researchers believe that this hack couldn’t have been pulled off without help from the phone company. This indirectly points fingers at the government and raises the question of whether the government really is behind these attacks or not.
“We have over a dozen cases in which Telegram accounts have been compromised, through ways that sound like basically coordination with the cellphone company. Telegram’s reliance on SMS verification makes it vulnerable in any country where cellphone companies are owned or heavily influenced by the government,” says one of the researchers.
No one can be certain whether the government is involved or not, but the Telegram hackers probably belong to a group known as ‘Rocket Kitten’. The alleged culprits have previously carried out campaigns reflecting the interests and activities of the Iranian security apparatus.
The researchers, however, add that the victims comprise political activists involved in both reformist movements and opposition organizations. And if, by any chance, the government is involved in the hack, then it could now have access to the conversations and plans of the opposition, which could prove to be fatal for the peace of the country.
In a public report released in response to Reuters, the company confirms that it has indeed been a victim of a massive hack, and that it originated in Iran. It also confirms that information on 15 million registered accounts was accessed, but defends itself by saying that only public data records were collected by the hacker group. The accounts, they believe, remain untouched by their dirty paws.
In the blog post, it further defends itself by adding:
“Such mass checks are no longer possible since we introduced some limitations into our API this year. However, since Telegram is based on phone contacts, any party can potentially check whether a phone number is registered in the system. This is also true for any other contact-based messaging app (WhatsApp, Messenger, etc.).”
On the point of SMS interception and the involvement of the phone company in the hack, the company played down the severity of the issue and said:
“This is hardly a new threat as we’ve been increasingly warning our users in certain countries about it. Last year we introduced 2-Step Verification specifically to defend users in such situations.”
In short, what the company is trying to say is that the media is blowing the hack out of proportion (no, we aren’t). It also adds that the data that was hacked and revealed was already public information, since you need a phone number to add a friend on Telegram. So, the company wants everybody to calm down and set up 2-Step Verification to protect their accounts with a password.
And seeing the state of security and the increase in the number of hacks, this is not only true for Telegram. To stay protected, every one of you should go ahead and set up 2-Step Verification on all of your important online accounts.