Iran Hackers Just Cracked Telegram’s Encrypted Messaging Code – Fortune

The use of SMS verification seems to be the weak link here. The SMS messages are not secure enough.


  1. Tomi Engdahl says:

    Telegram says only publicly available data collected in attack on Telegram in Iran, accounts not accessed

    Keep Calm and Send Telegrams!

    Certain people checked whether some Iranian numbers were registered on Telegram and were able to confirm this for 15 million accounts. As a result, only publicly available data was collected and the accounts themselves were not accessed.

    However, since Telegram is based on phone contacts, any party can potentially check whether a phone number is registered in the system. This is also true for any other contact-based messaging app (WhatsApp, Messenger, etc.).

    SMS codes

    As for the reports that several accounts were accessed earlier this year by intercepting SMS-verification codes, this is hardly a new threat as we’ve been increasingly warning our users in certain countries about it. Last year we introduced 2-Step Verification specifically to defend users in such situations.

    If you have reasons to think that your mobile carrier is intercepting your SMS codes, use 2-Step Verification to protect your account with a password. If you do that, there’s nothing an attacker can do.


Leave a Comment

Your email address will not be published. Required fields are marked *