Is Telegram Really Safe for Activists Under Threat? These Two Russians Aren’t So Sure. · Global Voices
thomwithoutanh's bookmarks 2016-08-08
Summary:
On April 29, two Russian opposition activists reported that their Telegram messenger accounts had been hacked remotely. Georgy Alburov, a leading member of the Anti-Corruption Foundation, and Oleg Kozlovsky, the director of the Vision of Tomorrow Center in Moscow, believe unauthorized access to their accounts was obtained through tampering with the app's SMS login feature. They suspect the Russian government was involved in the hack.
The activists note that, according to the messages they received, the unauthorized access attempts on April 29 were made from the same IP address in New York. Alburov also noted that the hackers used an unofficial, little-known Telegram command-line client, TelegramCli, to access their accounts.
While both activists eventually received suspicious login notifications, they did not receive any notices of password changes or authentication requests, and only learned about access attempts because Telegram alerted them that a new device had accessed their accounts.
So how did the hackers gain access to Telegram?
Alburov and Kozlovsky appealed to the Telegram support service, and received a reply saying their accounts were accessed through text-based authorization, which allows users to connect new devices to Telegram accounts simply by entering a verification code received via text message. Because neither Alburov nor Kozlovsky had enabled two-step verification on their accounts, the hackers were able to gain entry.