Group-IB specialists recorded several cases of hacking accounts in Telegram by intercepting SMS messages. This was reported on the organization’s website.
Group-IB experts said that at the end of 2019 they were approached by several entrepreneurs who encountered unauthorized access to their Telegram accounts. Hacking occurred regardless of the operating system (iOS or Android) or the carrier.
The user received a message in the official Telegram service channel with a confirmation code for an entry that the user did not request. After that, the code came to the smartphone, after which the service channel received a message about entering the account from the new device.
Each case of hacking occurred using the mobile Internet. According to Group-IB, the attackers used disposable SIM cards to crack. The crackers’ IP addresses were most often located in Samara.
After the hack, Kaspersky Lab experts examined the devices of businessmen. They concluded that the technique was not infected with viruses and trojans. Also, there was no substitution of the SIM card. Attackers in an unknown way intercepted SMS messages with an activation code. Group-IB experts suggested that special equipment or insider information from mobile operators could be used for this.
Experts emphasized that the account can be protected from such a hack if you enable two-factor verification. They noted that in this way you can protect Telegram, WhatsApp and other services.