Telegram, the popular messaging service, has initiated a stringent control and warning campaign against accounts utilizing unofficial third-party applications. The company explicitly cautioned users that employing these non-official versions compromises message security and exposes personal data to significant risks. This move comes as concerns mount over the proliferation of malicious applications masquerading as legitimate Telegram clients.
The messaging giant highlighted that unofficial applications, while often built using Telegram's open-source code, frequently incorporate additional, potentially harmful code introduced by their developers. This modification can lead to severe security vulnerabilities, including data breaches, the installation of malware and spyware, and even complete account hijacking.
A notable example cited is "Telega," a Telegram-like application that has seen a significant surge in user numbers, particularly within Russia. Security experts have warned that "Telega" possesses the capability to intercept users' entire message history and personal information. In response to these threats, Telegram has begun actively identifying and "flagging" accounts associated with these unofficial applications. The severity of the situation was further underscored when Apple removed the unofficial "Telega" app from its App Store.
**Understanding the Risks of Unofficial Telegram Apps**
Unofficial Telegram applications, such as Nicegram, Nekogram, Mobogram, Vidogram, and Nijagram, are developed by various third parties across different countries, operating outside the direct oversight of Telegram. The use of these applications carries several critical risks:
1. **Data Security Breach:** When users log into these unofficial apps, they grant access to their primary Telegram account. This can expose sensitive personal data, including registered phone numbers, private messages, and online status, making them vulnerable to unauthorized access and exploitation.
2. **Malware and Spyware Infection:** Research conducted in 2023 revealed that approximately 60,000 mobile phones were infected by virus-laden Telegram-impersonating applications. These malicious apps, designed to mimic the official Telegram interface, can surreptitiously steal all contact names and phone numbers stored on a device. Furthermore, they can copy and transmit all incoming and outgoing private messages, effectively compromising user privacy and exposing confidential information to third parties.
3. **Account Hijacking:** Some unofficial applications are "Trojanized," meaning they appear legitimate and useful on the surface but contain destructive software internally. These third-party Telegram clients are capable of stealing users' session tokens or login permissions. This can lead to severe consequences, particularly in regions experiencing conflict or political tension, such as Russia, Ukraine, Iran, and Lebanon. Users in these areas have reported being forcibly added to various channels and groups without their consent, exposing them to propaganda and unwanted messages. In more extreme cases, these applications can log out the legitimate account owner and completely seize control of the account, subsequently using it for criminal activities and fraud. The common pattern observed is that users who enter their Telegram secret codes into unofficial applications often lose access to their accounts almost immediately, with unauthorized activity then occurring.
**Telegram's Official Stance**
Pavel Durov, the founder of Telegram, has consistently reiterated that Telegram cannot guarantee the security of unofficial applications. He has explicitly stated that the company bears no responsibility for any data theft or account hijacking that occurs as a result of using these third-party clients. Telegram's official recommendation remains unequivocal: users should always opt for the main, official Telegram application for enhanced security and privacy.
The company emphasizes that unofficial Telegram versions are particularly exploited in areas of conflict and political unrest to harvest sensitive user data. The true, legitimate, and official Telegram application is identifiable by its distinct icon, typically represented by a paper plane or a phone symbol.
This intensified crackdown underscores Telegram's commitment to user security and serves as a critical reminder for users to exercise caution and prioritize official channels when engaging with messaging platforms.
Source: Telegram / tikvahethiopia