Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Telegram Hit by Cyber-attack, CEO Points to HK Protests, China

Encrypted messaging service Telegram suffered a major cyber-attack that appeared to originate from China, the company’s CEO said Thursday, linking it to the ongoing political unrest in Hong Kong.

Encrypted messaging service Telegram suffered a major cyber-attack that appeared to originate from China, the company’s CEO said Thursday, linking it to the ongoing political unrest in Hong Kong.

Many protesters in the city have used Telegram to evade electronic surveillance and coordinate their demonstrations against a controversial Beijing-backed plan that would allow extraditions from the semi-autonomous territory to the mainland.

Demonstrations descended into violence Wednesday as police used tear gas and rubber bullets to disperse protesters who tried to storm the city’s parliament — the worst political crisis Hong Kong has seen since its 1997 handover from Britain to China.

Telegram announced late Wednesday that it was suffering a “powerful” Distributed Denial of Service (DDoS) attack, which involves a hacker overwhelming a target’s servers by making a massive number of junk requests.

It warned users in many regions may face connection issues.

Pavel Durov, Telegram’s CEO, said the junk requests came mostly from China.

“Historically, all state actor-sized DDoS (200-400 Gb/s of junk) we experienced coincided in time with protests in Hong Kong (coordinated on @telegram),” he tweeted.

“This case was not an exception.”

Telegram later announced on Twitter that its service had stabilised. It also posted a series of tweets explaining the nature of the attack.

“Imagine that an army of lemmings just jumped the queue at McDonald’s in front of you -– and each is ordering a whopper,” it said, referring to the flagship product of Burger King.

“The server is busy telling the whopper lemmings they came to the wrong place -– but there are so many of them that the server can’t even see you to try and take your order.”

China’s foreign ministry and cyberspace administration did not immediately respond to AFP’s requests for comment.

Telegram allows users to exchange encrypted text messages, photos and videos, and also create “channels” for as many as 200,000 people. It also supports encrypted voice calls. It announced last year that it had crossed 200 million monthly active users.

Encrypted messaging apps like Telegram and WhatsApp are preferred around the world by a wide variety of people trying to avoid surveillance by authorities — from Islamic State jihadists and drug dealers to human rights activists and journalists.

Governments in recent years have devoted significant resources to breaching the security features of these apps, according to tech firms and researchers.

Hong Kong is not behind China’s Great Firewall, which heavily restricts internet access in the mainland — where Telegram is blocked.

The city’s special status under its handover agreement allows freedoms unseen in mainland China, but many fear they are under threat as Beijing exerts increasing influence on Hong Kong.

The current protests were sparked by fears that the proposed law would allow extraditions to China and leave people exposed to the mainland’s politicised and opaque justice system.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.