Unofficial Iranian Telegram Applications Leak Data of 42M Users

Published at: March 31, 2020

While Telegram isn’t giving up its ongoing legal battle with United States regulators to launch its TON blockchain project, some online perpetrators are taking advantage of the messenger’s popularity to expose millions of user records of third-party versions of Telegram app.

Per an investigation by cybersecurity firm Comparitech and security researcher Bob Diachenko, at least 42 million Iranian “Telegram” usernames and phone numbers were leaked via unofficial Iranian-made versions of Telegram, while real Telegram is banned in the country.

42 million Iranians that are willing to use the banned messenger got their data exposed

According to a March 30 report compiled by Comparitech, those records were publicly exposed online on the web without any authentication required to access it. The data was reportedly exposed on distributed search engine Elasticsearch for about 11 days until it was removed after Diachenko filed an abuse report.

Diachenko elaborated to Cointelegraph that the number of leaked records purportedly corresponds to the number of “Telegram” users affected. He said:

“42 million is the number of the records in the database which, we assume, are unique and correspond to the affected persons number.”

The reported data breach definitely poses significant risks like SIM swapping and phishing attacks as well as other scams using the phone numbers in the database. Moreover, the leakage reveals data of as many as 42 million Iranian people who were trying to still use Telegram despite the application being banned in the country since 2018.

Telegram blames Iranian people for using unofficial Telegram apps despite multiple warnings

The exposure wouldn’t have been possible without people using unofficial versions Telegram messenger, a Telegram spokesperson reportedly told Comparitech. Telegram emphasized that the leaked data came from unofficial Telegram applications or so-called “forks” of Telegram that are not affiliated with the official company. This became possible because Telegram is an open-source application that allows third parties to create their own versions of it.

Telegram reportedly said:

“We can confirm that the data seems to have originated from third-party forks extracting user contacts. Unfortunately, despite our warnings, people in Iran are still using unverified apps. Telegram apps are open source, so it’s important to use our official apps that support verifiable builds.”

As reported by local publications, Iranians created a number of “fork” Telegram apps like Telegram Talaeii and Hotgram in response to the messenger’s ban in the country. According to estimations, Talaeii and Hotgram amassed about 30 million users as of December 2018. According to BBC, real Telegram messenger was estimated to have about 50 million users in Iran as of 2018 before it was banned in the country.

While the latest data breach doesn’t involve the official Telegram company directly, the actual messenger suffered a major hack in Iran back in 2016. According to reports, Iranian hackers were able to compromise more than a dozen accounts to identify phone numbers of 15 million Telegram users in Iran despite the messenger’s focus on user privacy and security.

In mid-March 2020, Cointelegraph reported on Chinese social media giant Weibo experiencing a massive data breach that reportedly led to 172 million users having their account information leaked.

Tags
Related Posts
What is a seed phrase and why is it important?
How to keep your seed phrase safe A crypto seed phrase in the wrong hands can do damage, so it is advisable to always ensure it is safe. The following are some tips for ensuring your seed phrase is secure. Never share your seed with anyone else: It’s extremely important that you never reveal your recovery phrase to anyone. Why? Because if someone else finds out your recovery phrase, they will be able to access — and therefore control — your crypto funds. Make a note of it on paper and keep it in a secure location: This is the …
Blockchain / Aug. 27, 2022
This platform turns data into cryptocurrency
Large-scale data breaches and the abuse of data by cybercriminals have become an everyday reality. Data is being utilized to drive massive profits in big tech and beyond. In 2018, a breach at Marriott Hotels resulted in 500 million records being stolen, and just earlier this year, Facebook had an enormous break where the details from 533 million users were taken. Cirus is offering individuals new financial opportunities through data monetization using the power of Web 3.0. With over 4,000 Cirus devices currently deployed in real households, the Cirus team is aiming to propel a new ownership economy. By harnessing …
Blockchain / Sept. 17, 2021
World Economic Forum Releases Report About Blockchain Cybersecurity
The World Economic Forum (WEF) released a report about blockchain cybersecurity on April 5. The report points out that most data breaches do not result from the level of skill of the hackers, but instead happen because appropriate security measures often are not implemented. The WEF further claims that while attackers do compromise blockchains themselves, they much more often try to exploit or compromise their deployment. The WEF references the data breach of retail giant Target, which lead to both the CEO and chief information officer being fired, also mentioning that the director of the United States Government Office of …
Blockchain / April 8, 2019
Crypto app targeting SharkBot malware resurfaces on Google app store
A newly upgraded version of a banking and crypto app targeting malware has recently resurfaced on the Google Play store, now with the capability to steal cookies from account logins and bypass fingerprint or authentication requirements. A warning about the new version of the malware was shared by malware analyst Alberto Segura and treat intelligence analyst Mike Stokkel on Twitter accounts on Sept. 2, sharing their co-authored article on Fox IT’s blog. We discovered a new version of #SharkbotDropper in Google Play used to download and install #Sharkbot! The found droppers were used in a campaign targeting UK and IT! …
Blockchain / Sept. 5, 2022
NFT-delivered court orders an answer to blockchain-related litigation: Lawyers
Non-fungible tokens (NFTs) are becoming an increasingly popular solution to serving defendants in blockchain-based crimes that would otherwise be unreachable, according to crypto lawyers. The last year has seen an increase in litigation delivered over NFTs in cases where those accused of blockchain crime wereuncontactable through traditional methods of communication. In November 2022, the United States District Court for the Southern District of Florida granted a United States law firm The Crypto Lawyers its request for its client to serve a defendant via NFT. While the defendant's identity was unknown, the plaintiff accused the defendant of stealing cryptocurrency to the …
Adoption / Jan. 24, 2023