Popular messaging app Telegram, which promotes itself as an ultra secure instant messaging system has been compromised by Iranian hackers.
The hack has led to the phone numbers of 15 million Iranian users being revealed, making it the largest known breach of the encrypted communications system.
The attacks jeopardized the communications of activists, journalists and other people in sensitive positions in Iran, where Telegram is used by some 20 million people.
Cyber researcher Collin Anderson and Amnesty International technologist Claudio Guarnieri said that Telegram’s vulnerability lies in its use of SMS text messages to activate new devices.
When users want to log on to Telegram from a new phone, the company sends them authorization codes via SMS, which can be intercepted by the phone company and shared with the hackers, the researchers said.
A number of Telegram accounts have been compromised, through ways that sound like basically coordination with the cellphone company, and the SMS verification makes it vulnerable in any country where cellphone companies are owned or heavily influenced by the government, the researchers said.
The hackers belong to a group known as Rocket Kitten, which used Persian-language references in their code and carry out a common pattern of spear-phishing campaigns reflecting the interests and activities of the Iranian security apparatus.
The Telegram victims included political activists involved in reformist movements and opposition organizations.