Telegram has fought back against researcher claims that Iranian cyberattackers have managed to compromise at least a dozen accounts on the secure messaging service and identified the phone numbers of 15 million users.
According to the publication, the cyberattack took place this year by hackers part of a group called “Rocket Kitten,” but the breach was kept under wraps.
The researchers said that a vulnerability was found within how the company uses SMS text messages to sign up new devices to the service. Anderson and Guarnieri claim that when a user logs into Telegram from a new smartphone, authorization codes are sent via SMS which in turn can be intercepted by the phone company and shared with cyberattackers.
This is particularly a problem when communications providers are heavily monitored or owned by states which want to keep track of their citizens. This year in Iran, for example, the country’s government demanded that foreign messaging service providers must store Iranian citizen data within the country — where law enforcement has easy access.
In response to the researchers’ allegations, Telegram said that “certain people checked whether some Iranian numbers were registered on Telegram and were able to confirm this for 15 million accounts,” however, the Iranian accounts “were not accessed.” In addition, the only information that was released through the mass-checks for Iranian numbers was public domain.
Telegram added that such mass checks are no longer possible since the recent introduction of some limitations into the firm’s API this year.