Telegram App Hacked

AfricanTech

AfricanTech

Honorary Master
Joined
Mar 19, 2010
Messages
40,369
https://www.hackread.com/telegram-app-hacked-again/

...Iranian hackers have compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users,
Click to expand...

...Telegram’s vulnerability, according to Anderson and Guarnieri, lies in its use of SMS text messages to activate new devices. When users want to log on to Telegram from a new phone, the company sends them authorization codes via SMS, which can be intercepted by the phone company and shared with the hackers, the researchers said.

Armed with the codes, the hackers can add new devices to a person’s Telegram account, enabling them to read chat histories as well as new messages.

“We have over a dozen cases in which Telegram accounts have been compromised, through ways that sound like basically coordination with the cellphone company,” Anderson said in an interview.

Telegram’s reliance on SMS verification makes it vulnerable in any country where cellphone companies are owned or heavily influenced by the government, the researchers said.
Click to expand...

Seems to require telco collusion
 
Dairyfarmer

Dairyfarmer

Executive Member
Joined
Apr 17, 2016
Messages
6,213
Not just as simple as saying that Telegram was hacked. Users who are not using the 2 step verification are the ones vulnerable. So too are WhatsApp and Viber users vulnerable.

Reuters and several media outlets are reporting that the phone numbers of 15 Million users in Iran and more than a dozen accounts on the Telegram instant messaging service have been compromised by Iranian hackers exploiting an SMS text message flaw.

However, you don't need to panic much, because 'SMS Interception' is not a Telegram's vulnerability. Such attack can be used against any messaging app, like Whatsapp and Viber, whose registration is based upon SMS-based verification mechanism.
Click to expand...

Seems to only be affecting Iranians, journalists in particular.

The 3 things they mention to check are some of the things that makes Telegram far superior to WhatsApp, over and above groups.

Two-step verification.
Self destructing messages (secret chats)
The ability to EASILY run / sync the app on multiple devices, to see which devices are using your account and close sessions.
 
Last edited:
DA-LION-619

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
13,777
Dairyfarmer said:
Not just as simple as saying that Telegram was hacked. Users who are not using the 2 step verification are the ones vulnerable. So too are WhatsApp and Viber users vulnerable.



Seems to only be affecting Iranians, journalists in particular.

The 3 things they mention to check are some of the things that makes Telegram far superior to WhatsApp, over and above groups.

Two-step verification.
Self destructing messages (secret chats)
The ability to EASILY run / sync the app on multiple devices, to see which devices are using your account and close sessions.
Click to expand...

I think the ability use the app on more than one device at the same time is the issue, I also wouldn't call it a hack.
 
Dairyfarmer

Dairyfarmer

Executive Member
Joined
Apr 17, 2016
Messages
6,213
What they do is set it up on another device. Because the user has not opted for 2 step verification, it is easier to do this "hack". You just have to intercept the verification sms. With the 2nd step you have to enter a passcode as well. This option is not available on WhatsApp.
 
DA-LION-619

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
13,777
Dairyfarmer said:
What they do is set it up on another device. Because the user has not opted for 2 step verification, it is easier to do this "hack". You just have to intercept the verification sms. With the 2nd step you have to enter a passcode as well. This option is not available on WhatsApp.
Click to expand...

Yeah WhatsApp will notify you, that you're using the same number on another device.
 
Thor

Thor

Honorary Master
Joined
Jun 5, 2014
Messages
44,236
Where is the telegram squad!?

WhatsApp ftw
 
Dairyfarmer

Dairyfarmer

Executive Member
Joined
Apr 17, 2016
Messages
6,213
DA-LION-619 said:
Yeah WhatsApp will notify you, that you're using the same number on another device.
Click to expand...
It's different in Telegram. You can have it on many devices at the same time. They all sync as Telegram uses cloud storage (except when using private sessions). So you can have it on your work pc, home pc, tablet and phone all at the same time. Within Telegram you can see every session and end any session that is running.
 
Baxteen

Baxteen

Honorary Master
Joined
Feb 26, 2013
Messages
17,369
checking in.

article cclearly says

However, you don't need to panic much, because 'SMS Interception' is not a Telegram's vulnerability. Such attack can be used against any messaging app, like Whatsapp and Viber, whose registration is based upon SMS-based verification mechanism.
Click to expand...

therefore the headline is clickbait.

once you have one main device set up on telegram you never get an sms notification again. format your phone but still on desktop? send 2 step to desktop. new desktop? send 2 step to phone. same goes for tab or any other device with it.

people shouting that whatsapp does not have this feature clearly cannot read or are simply only as clever as Thor187.

Take that whatsapp loyalists.
 
Ockie

Ockie

Resident Lead Bender
Joined
Feb 16, 2008
Messages
52,925
Baxteen said:
they want you to respond and defend telegram, I dont think they read the article. dont worry I got this.
Click to expand...

Well, I dont really see anything to defend, so you have it :)
 
You must log in or register to reply here.
Top