# Telegram Will Warn About Risks of Unofficial Clients in Chats
Telegram is rolling out notifications when your chat partner uses an unofficial client. Strings have been found in the code of the official iOS app that display a warning next to the user's name: "[Username] is using an unofficial Telegram client — messages to this user may be less secure." This raises awareness of potential security vulnerabilities in your chats.
Notification Mechanism and Its Impact
The warning is being tested in the official iOS client. It appears in chats where at least one participant uses a third-party app. Experts note a balanced approach: no outright blocks are enforced, but risks are visually highlighted. It's unclear if the feature will target all alternative clients or just unreliable ones. Applying it universally could create excessive visual clutter in the interface.
Previously, users reported session resets in official clients, requiring re-authentication and blocking message sending. The cause is frequent IP changes via VPNs or unofficial clients, which Telegram flags as suspicious activity.
Security Analysis of Alternative Clients
RKS Global's research covered eight popular Android Telegram clients:
- Telegram Official
- Telegram X
- Plus Messenger
- Nekogram
- Graph Messenger
- Telega
- iMe
- F-Droid (Forkgram, Mercurygram)
Key risks:
- Telega, Graph Messenger, and iMe send data to Russian servers.
- Plus Messenger, Graph Messenger, and iMe include Firebase Analytics; Nekogram does not disable it. The official client deactivates Google data collection.
- Advertising SDKs heighten risks: Graph Messenger (6 SDKs), iMe (15+ SDKs), Plus Messenger (1 SDK). Traces of VK Group in Telega (MyTracker, OK.ru) and iMe (ad.mail.ru).
- Telega is the most vulnerable: On March 18, 2026, a MITM attack was activated. MTProto traffic is redirected through Telega's proxy to Russia, intercepting all data between the client and Telegram servers.
An anonymous breakdown titled "Technical Analysis of MITM Attack in Telega Client" confirms server spoofing.
New Open-Source Client Monogram
In March 2026, enthusiasts released Monogram — an unofficial Android client built with Kotlin, Jetpack Compose, and Material Design 3. It uses TDLib for compatibility with the Telegram protocol. GPLv3 license, the project is in active development: expect updates, refactoring, and bugs.
Monogram focuses on native UI and performance, avoiding advertising SDKs and external analytics.
Key Takeaways
- Notifications in Telegram iOS flag users of unofficial clients to reduce chat risks.
- Telega implements MITM via Russian proxies, spoofing MTProto traffic.
- Three out of eight Android clients send data to Russia; most include Firebase.
- Session resets in official clients are linked to VPNs and third-party apps.
- Monogram — an open-source option on Jetpack Compose with TDLib, no trackers.
Recommendations for Developers
When developing or selecting clients, check network traffic for server spoofing. Use tools like Wireshark to analyze MTProto. Avoid apps with active SDKs (Firebase, MyTracker). For custom solutions, rely on TDLib like in Monogram, ensuring code transparency on GitHub.
— Editorial Team
No comments yet.