The Telegram messaging app may be less secure than previously thought, as its infrastructure is controlled by a man whose companies have collaborated with Russian intelligence services, according to anew investigation by the exiled outlet IStories.The popular messaging app's founder, Russian-born Pavel Durov, has touted his platformas a haven for free speech and digital privacy, particularly in authoritarian countries.In reality, Telegram chats arenot end-to-end encrypted by default like competitors WhatsApp or Signal.
Unless users opt in to the apps "secret chat" feature, these chats are decrypted and stored on servers."This means that whoever controls the server can access the correspondence," IStories wrote.This infrastructure is maintained by Global Network Management (GNM), a little-known company based inAntigua and Barbuda that has provided Telegram with over 10,000 IP addresses, IStories found.GNMsowner, Russian national Vladimir Vedeneev, testified in a U.S.
court that the company installs and maintains Telegrams infrastructure and has staff in Russia.
According to court documents reviewed by IStories, Vedeneev also serves as Telegrams chief financial officer.Many of GNMs IP addresses previously belonged to St.
Petersburg-based telecommunications firm Globalnet, which has links to the Kremlin and Russian intelligence services, including the FSB, IStories reported.Telegram also reportedly received 5,000 IP addresses from another St.
Petersburg-based company, Electrontelecom, which IStories identified as an FSB contractor.
The company provided installation and maintenance for secure communication systems used in intelligence operations.In 2022, Globalnet implemented user traffic monitoring systems at the request of the Russian state communications watchdog Roskomnadzor.Oleg Matveychev, deputy chairman of the State Dumas Information Policy Committee, said at the time that Telegram and the FSB had reached a compromise in which Telegram installed infrastructure enabling authorities to monitor users involved in criminal investigations, such as suspected terrorists.In addition to decrypting its users messages and storing them on servers, Telegram also attaches a unique device identifier known as auth_key_id to every message, cybersecurity expert Micha Woniak told IStories.This identifier allows the platform to determine the users device and apply the appropriate decryption key.
In combination with metadata like IP addresses and timestamps,Woniaksaid, this system could be used to determine a users physical location and contacts.If someone has access to Telegram traffic and cooperates with Russian intelligence services, this means that the device identifier becomes a really big problem a tool for global surveillance of messenger users, regardless of where they are and what server they connect to, Woniak told IStories.In a statement later Tuesday, Telegram saidnone of its contractors have access to user data or critical infrastructure and that it does not have any employees or servers inside Russia."All Telegram servers belong to Telegram and are maintained by Telegram employees.
Unauthorized access is impossible.
Telegram has no employees or servers in Russia.
Throughout its history, Telegram has never transmitted personal messages to third parties, and its encryption has never been hacked, Telegrams press service said.