Intelligence agencies have begun intercepting Telegram's SMS authorization codes
It appears that SMS-based authorization in the Telegram messenger has been compromised. Pavel Durov himself warned users about this today.
“Apparently, the special services of the Russian Federation decided to put pressure on communication operators so that they could intercept the authorization SMS code. Usually this is found only within the framework of cannibalistic regimes that do not care about their reputation - Central Asia, and sometimes the Middle East. But suddenly it happened in Russia (unless, of course, cutting off corruption within MTS),” says Pavel Durov.
“I have already published a recommendation for residents of problem countries; we will also do a mass Telegram mailing in Russia with advice to all endangered users to enable two-factor authorization, as Russian telecom operators are unreliable as a verifier.”
“How I use Telegram: there is two-factor authorization (an account password), the account is tied to a SIM card of adequate jurisdiction, and the most sensitive matters are discussed in secret chats. In principle, each of these measures separately allows you to protect important information. The risk arises when all of the above is missing.”
The story of the intercepted SMS authorization code and the hacked Telegram account was described in detail on April 29 by one of the users, Oleg Kozlovsky.
This is how events developed, in his words.
At 2:25 am, the MTS technological security department turns off the SMS delivery service for me.
After 15 minutes, at 2:40, someone at a Unix console at the IP address 162.247.72.27 (this is one of the Tor anonymizer servers) sent Telegram a request to authorize a new device with my phone number.
I was sent an SMS with a code that was not delivered (the service is disabled for me).
At 3:08, the attacker enters an authorization code and gets access to my account. Telegram sends me an automatic notification of this (which I will read only in the morning).
At 3:12, the account of George Alburov is hacked in the same way from the same IP address (i.e., through the same Tor session).
At 4:55, the technological security department of MTS turns the SMS delivery service back on for me.
MTS refused to tell me the reason for disabling and re-enabling the service, suggesting that I submit a written request.
The main question is how unknown persons gained access to the code that was sent by SMS but not delivered. Unfortunately, I have only one version: through the SORM system or directly through the MTS technical security department (for example, after a call from the “competent authorities”). If there are other possibilities, suggest them.
The main recommendation for all Telegram users: enable two-step authorization (i.e., not only SMS, but also a password). This is done in the security settings.
The main recommendation for Telegram: do not accept the authorization code if you have not received confirmation of its delivery.
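The last recommendation above can be sketched as a server-side check. This is an added example, not Telegram's code or anything from the original post: the class, the phone numbers, the code values, the date and the 30-minute lifetime are all constructed assumptions.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class PendingLogin:
    code: str
    sent_at: datetime
    delivered_at: Optional[datetime] = None  # set only by a carrier delivery receipt

class LoginCodeGate:
    """Hypothetical check: an SMS code is usable only after delivery is confirmed."""

    def __init__(self, ttl=timedelta(minutes=30)):  # assumed code lifetime
        self.ttl = ttl
        self.pending = {}

    def send_code(self, phone, code, now):
        self.pending[phone] = PendingLogin(code, now)

    def delivery_receipt(self, phone, now):
        if phone in self.pending:
            self.pending[phone].delivered_at = now

    def verify(self, phone, code, now):
        p = self.pending.get(phone)
        if p is None:
            return "rejected: no pending login"
        if p.delivered_at is None:  # the check the post asks for
            return "rejected: code never delivered"
        if now - p.sent_at > self.ttl:
            del self.pending[phone]
            return "rejected: code expired"
        if not hmac.compare_digest(p.code, code):  # constant-time comparison
            return "rejected: wrong code"
        del self.pending[phone]  # single use
        return "accepted"

def replay_timeline():
    """Replay the night described above; date, numbers and codes are constructed."""
    day = datetime(2000, 1, 1)  # placeholder date
    at = lambda h, m: day + timedelta(hours=h, minutes=m)
    gate = LoginCodeGate()
    gate.send_code("+70000000000", "12345", at(2, 40))  # SMS service is off: no receipt
    intercepted = gate.verify("+70000000000", "12345", at(3, 8))
    # Contrast: an ordinary login where the receipt arrives before the code is typed.
    gate.send_code("+70000000001", "67890", at(9, 0))
    gate.delivery_receipt("+70000000001", at(9, 0))
    normal = gate.verify("+70000000001", "67890", at(9, 1))
    return intercepted, normal

if __name__ == "__main__":
    print(replay_timeline())
```

The delivery receipt itself comes from the operator, so this check only helps when the operator does not also forge the receipt; the account password remains the control that does not depend on the operator.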