Hackers believed to be associated with Iran’s Islamic Revolutionary Guard Corps (IRGC) accessed user accounts of the secure messaging app Telegram earlier this year, identifying the phone numbers of millions of Iranians, Reuters reported on Tuesday.
The breach was is the largest yet of the secure messaging system, cybersecurity experts told Reuters. The hacking group Rocket Kitten, believed by experts to be linked to the IRGC, compromised more than a dozen Telegram accounts and identified the phone numbers of some 15 million Iranians. Iran has a reported 20 million Telegram users.
The Berlin-based app uses end-to-end encryption, considered to be the most secure form of encryption. It claims 100 million users worldwide, especially in the Middle East, Latin America, and Central and Southeast Asia. The terrorist group ISIS is also known to use Telegram.
The weakness in Telegram’s security system, experts said, is that new devices are activated by SMS messages. In countries where cell phone companies are controlled or heavily influenced by the government, accounts could be compromised.
Iran threatened last month to ban all iPhones unless Apple opened a store in Iran as part of an effort to get all cell phones registered in a national telecommunications database. Three months ago, Iran ordered all messaging apps to begin storing their data inside the country or risk being prohibited from operating in Iran. These moves have raised concerns that users could have their data accessed by the government.
In February, an app designed to help users avoid the morality police, was removed by authorities shortly after it was made available.
European authorities shut down a number of Rocket Kitten’s servers last year after the Israeli cybersecurity firm Checkpoint Software uncovered an alleged cyber-espionage plot targeting NATO officials, exiled Iranian dissidents, and even the wives of European generals.