Telegram App Hacked

https://www.hackread.com/telegram-app-hacked-again/

...Iranian hackers have compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users,
Click to expand...

...Telegram’s vulnerability, according to Anderson and Guarnieri, lies in its use of SMS text messages to activate new devices. When users want to log on to Telegram from a new phone, the company sends them authorization codes via SMS, which can be intercepted by the phone company and shared with the hackers, the researchers said.

Armed with the codes, the hackers can add new devices to a person’s Telegram account, enabling them to read chat histories as well as new messages.

“We have over a dozen cases in which Telegram accounts have been compromised, through ways that sound like basically coordination with the cellphone company,” Anderson said in an interview.

Telegram’s reliance on SMS verification makes it vulnerable in any country where cellphone companies are owned or heavily influenced by the government, the researchers said.
Click to expand...

Seems to require telco collusion
 
Not just as simple as saying that Telegram was hacked. Users who are not using the 2 step verification are the ones vulnerable. So too are WhatsApp and Viber users vulnerable.

Reuters and several media outlets are reporting that the phone numbers of 15 Million users in Iran and more than a dozen accounts on the Telegram instant messaging service have been compromised by Iranian hackers exploiting an SMS text message flaw.

However, you don't need to panic much, because 'SMS Interception' is not a Telegram's vulnerability. Such attack can be used against any messaging app, like Whatsapp and Viber, whose registration is based upon SMS-based verification mechanism.
Click to expand...

Seems to only be affecting Iranians, journalists in particular.

The 3 things they mention to check are some of the things that makes Telegram far superior to WhatsApp, over and above groups.

Two-step verification.
Self destructing messages (secret chats)
The ability to EASILY run / sync the app on multiple devices, to see which devices are using your account and close sessions.
 
Last edited:
Dairyfarmer said:
Not just as simple as saying that Telegram was hacked. Users who are not using the 2 step verification are the ones vulnerable. So too are WhatsApp and Viber users vulnerable.



Seems to only be affecting Iranians, journalists in particular.

The 3 things they mention to check are some of the things that makes Telegram far superior to WhatsApp, over and above groups.

Two-step verification.
Self destructing messages (secret chats)
The ability to EASILY run / sync the app on multiple devices, to see which devices are using your account and close sessions.
Click to expand...

I think the ability use the app on more than one device at the same time is the issue, I also wouldn't call it a hack.
 
What they do is set it up on another device. Because the user has not opted for 2 step verification, it is easier to do this "hack". You just have to intercept the verification sms. With the 2nd step you have to enter a passcode as well. This option is not available on WhatsApp.
 
Dairyfarmer said:
What they do is set it up on another device. Because the user has not opted for 2 step verification, it is easier to do this "hack". You just have to intercept the verification sms. With the 2nd step you have to enter a passcode as well. This option is not available on WhatsApp.
Click to expand...

Yeah WhatsApp will notify you, that you're using the same number on another device.
 
DA-LION-619 said:
Yeah WhatsApp will notify you, that you're using the same number on another device.
Click to expand...
It's different in Telegram. You can have it on many devices at the same time. They all sync as Telegram uses cloud storage (except when using private sessions). So you can have it on your work pc, home pc, tablet and phone all at the same time. Within Telegram you can see every session and end any session that is running.
 
checking in.

article cclearly says

However, you don't need to panic much, because 'SMS Interception' is not a Telegram's vulnerability. Such attack can be used against any messaging app, like Whatsapp and Viber, whose registration is based upon SMS-based verification mechanism.
Click to expand...

therefore the headline is clickbait.

once you have one main device set up on telegram you never get an sms notification again. format your phone but still on desktop? send 2 step to desktop. new desktop? send 2 step to phone. same goes for tab or any other device with it.

people shouting that whatsapp does not have this feature clearly cannot read or are simply only as clever as Thor187.

Take that whatsapp loyalists.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X