Data from the popular encrypted messenger app Telegram was hijacked by Iran’s state-owned telecommunications giant on Monday, a day before proposed protests over the country’s economic crisis.

The move looks to be a BGP hijack, a practice where an intermediary illegitimately takes over groups of IP addresses so data originally destined for one place can be forcefully sent to another.

Monday’s attacks were widely detected as they happened by Oracle’s InternetIntelligence and Cisco’s BGPMon. Here’s Oracle tracking the incident:

"At 06:28 UTC earlier today (30-Jul), an Iranian state telecom network briefly leaked over 100 prefixes. Most were Iranian networks, but the leak also included 10 prefixes of popular messaging app @telegram (8 were more-specifics). pic.twitter.com/MjN2itdpTS"
— InternetIntelligence (@InternetIntel) July 30, 2018

BGP, or the Border Gateway Protocol, is the technology that exchanges routing data across the various networks that make up the entire global internet.

“Once a valid BGP hijack occurs, the hijacker can perform [man-in-the-middle] attacks, […]
The post Telegram traffic from around the world took a detour through Iran appeared first on Cyberscoop.