Privacy is a primary feature for many users of online services concerned about their information security, so tools like Telegram, instant messaging app with a specialized focus on privacy find more and more users each day, experts in cybersecurity services mentioned. However, this effort to keep private information secret can be targeted in different ways.
Privacy on Telegram has caused many governments to try to ban these services or, in other cases, regulate tits use and ensure that developers provide access to content shared by users. On the other hand, many prominent members of various governments use these services to maintain confidential communication channels, which is very attractive to their adversaries and others interested in publicly disclose private information.
An example of this is the case of Sergio Moro, Minister of Justice of the Brazilian government, who last June informed the media that his smartphone had been hacked. Just days after the announcement, the content of his Telegram conversations began to flood news from across the country.
After an investigation, four individuals were arrested for the incident; Brazilian authorities later discovered that the attackers also targeted Telegram conversations by other politicians, such as President Jair Bolsonaro and Brazil’s economy minister, Paulo Guedes, claim specialists in cybersecurity services.
The researchers concluded that the information of these politicians was compromised using one of the oldest and most well-known techniques, hacking voicemail services. According to cybersecurity services specialists, like other platforms, Telegram is vulnerable to account restart or SIM swap attacks. Exploiting these weaknesses, all a hacker should do later is install the app on a device under their control and use the SMS verification message to access the victim’s account.
In addition to these techniques, Walter Delgatti, one of those arrested for this incident, claimed that he and his accomplices used voicemail services to easily obtain Telegram verification codes.
International Institute of Cyber Security (IICS) cybersecurity services specialists mention that it is too easy for hackers to access a phone user’s voicemail records, because although this service can be protected with a PIN, almost no user deems it necessary. In addition, even if these four-digit keys are implemented, it is relatively easy for hackers with basic skills to break this security measure.
Although mobile phone operators try to mitigate this risk by verifying the identity of users, falsifying a phone number is also a very easy practice for attackers once they know the victim’s original number.
When attackers manage to access the victim’s voicemail they can retrieve any records stored there, from missed call messages to verification codes for Telegram use or other similar services.
This attack vector became so popular that more similar cases soon appeared, such as that of Ricardo Roselló, governor of Puerto Rico, who was forced to resign from office after the content of his Telegram conversations were leaked.
Finally, the company reported that some updates were made to prevent this attack variant, so from now on Telegram users will only be able to request a login code via voicemail if they have authentication multi-factor to access the platform.