The encrypted messenger Telegram was the victim of a major cyber attack that seems to come from China, said Thursday its co-founder on Twitter, making the connection with political unrest in Hong Kong.
The application has been widely used in recent days by protesters in Hong Kong to evade online surveillance and coordinate their actions against a controversial bill to allow extradition to mainland China.
The former British colony was shaken Wednesday by the worst political violence since its surrender to China in 1997, the police fired rubber bullets at protesters who blocked the main arteries and tried to break into parliament.
Massive attack
Telegram announced Wednesday night a “powerful” Denial of Service (DDoS) attack – flooding a server with unnecessary queries to overwhelm it – and indicating that many users might have connection problems.
We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues.
— Telegram Messenger (@telegram) June 12, 2019
These requests came mainly from China, according to Telegram’s Russian co-founder Pavel Durov, who made the connection with the situation in Hong Kong.
“Historically, all the DDos we encountered from a state actor by their size (200-400 Gb / s of useless requests) coincided with events in Hong Kong (organized via @telegram),” a- he said on Twitter. “It was not an exception.”
IP addresses coming mostly from China. Historically, all state actor-sized DDoS (200-400 Gb/s of junk) we experienced coincided in time with protests in Hong Kong (coordinated on @telegram). This case was not an exception.
— Pavel Durov (@durov) June 12, 2019
“No comment” in Beijing
Telegram subsequently released a series of tweets to explain the nature of the attack. “Imagine an army of lemmings jumping the queue in front of you at McDonald’s – and each one ordering a whopper,” said the messenger, referring to the flagship product of the competing brand Burger King.
A DDoS is a “Distributed Denial of Service attack”: your servers get GADZILLIONS of garbage requests which stop them from processing legitimate requests. Imagine that an army of lemmings just jumped the queue at McDonald’s in front of you – and each is ordering a whopper. (1/2)
— Telegram Messenger (@telegram) June 12, 2019
“The server is busy explaining to the lemmings that they are in the wrong place but there are so many that the server can not even see you to take an order.”
Solicited by AFP, the Chinese Ministry of Foreign Affairs and the Administration of Cyberspace made no comment.
Based in Dubai, Telegram messaging, used by more than 200 million users worldwide, offers high privacy for the exchange of text messages, photos and videos and makes encrypted voice calls. Its “channels” also allow a user to broadcast messages to a large number of subscribers.