Telegram CEO: DDoS Attack Timed To Disrupt Hong Kong Protests

The finger of blame is being pointed at China by the head of the Telegram messaging app, after it was targetted by a “powerful” cyber attack.

Telegram was knocked offline for some users by a massive DDoS (distributed denial of service) attack on Wednesday.

“We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues,” the firm tweeted.

China blamed

But then the CEO of Telegram joined in, when he added to the comments section of this tweet, and firmly pointed the finger of blame at China, which he said was trying to disrupt the street protests in Hong Kong.

“IP addresses coming mostly from China,” tweeted CEO and founder of Telegram Pavel Durov. “Historically, all state actor-sized DDoS (200-400 Gb/s of junk) we experienced coincided in time with protests in Hong Kong (coordinated on @telegram). This case was not an exception.”

Hong Kong is currently being rocked by protests from hundreds of thousands people, who have taken to the streets in recent days to protest against an extradition bill that would allow people to be sent to mainland China to stand trial.

Telegram is officially blocked in both Hong Kong and mainland China, but activists are said to frequently use the Telegram app to organise protests in the hope of evading government surveillance.

Telegram is thought to have over 200 million users that enjoy the privacy protection from its end-to-end encryption.

Politically motivated?

If Durov’s allegations that China was behind the DDoS cyber-attack on Telegram, it would mark another attempt by authorities to clamp down on the app.

“DDoS attacks can be a problem to deal with; while they don’t steal data, they certainly affect the performance of your service, rendering it unavailable or unusable,” said Anjola Adeniyi, technical leader at Securonix.

“DDoS attacks are usually launched to demand payment from the victim, revenge over a personal grievance, or can be politically motivated,” said Adeniyi. “Quite often DDoS attacks are used as a distraction from the attackers’ real intent like stealing personal and financial data.”

Russian clash

Teelgram has been attacked before.

In May last year the Russian TeleGrab malware stole chats from Telegram’s desktop application, which didn’t support end-to-end encryption.

Russia has long been waging a campaign against the messaging app, and last year it formally requested that Apple remove the secure messaging app from its App store.

The Russian issue however began in April 2018 when access to Telegram was shut down in Russia. That decision was taken by Russian authorities after the app refused to give Russian state security services access to its users’ secret messages by handing over encryption keys used to scramble the messages.

Russian authorities have previously accused Telegram of enabling terrorists to communicate in secret through the encrypted messaging, and have blamed the app for concealing the messages of the suicide bomber who killed 15 people in St Petersburg in April 2017.

The app is also said to have been used by Islamic State for propaganda purposes in the past, especially by those based in Russia, but the company has made efforts to clamp down on these terrorist accounts.

Despite this, Russia’s FSB Federal Security Service wants access to some messages for its work, including safeguarding against terrorist attacks.

Telegram has consistently refused to comply with its demands, citing respect for user privacy. Indeed, Pavel Durov has always maintained his stance against the sharing of confidential data with government entities.

Durov is a Russian citizen but the Telegram team have relocated to a number of countries over the years, and is now based in Dubai.

Iran has also disrupted certain features of Telegram.

Do you know all about security? Try our quiz!