• United States



by Liam Tung

Attackers clobber Telegram messaging app in Australia, APAC

Jul 14, 20153 mins
Application SecurityData and Information SecurityGovernment

Messaging app Telegram says it has been hit by a large attack that knocked out its service for users in Australia and the Asia Pacific region.

The app, which promotes itself as a secure messaging platform and claims to have 60 million users worldwide, says a wave of distributed denial of service (DDoS) attacks have disrupted services to users in the region over the past week.

On Saturday the company said it had endured the third day of DDoS attacks that threw [xref:|SYN requests]], at a rate of 200Gbps, to its servers located in the Asia Pacific.

The attack is far from the largest known DDoS attack in history but is nonetheless sizeable compared to the thousands tracked each day DDoS protection firm Arbor Networks. In January the firm reported the largest DDoS attack on its records at 400Gbps, which used a technique known as NTP reflection and was levelled at an unnamed ISP. The largest attack in 2013 reached 245Gbps.

Telegram posted several tweets on the weekend drawing attention to the attacks, which first affected users in India but later spread to other regions.

A tweet on Friday from Pavel Durov, Telegram’s founder and CEO, the former CEO of Russia’s Facebook-like social network VKontake, suggested one of its messaging app rivals may be behind the attack.

The company has taken a gamble on the notoriously difficult task of attributing attacks, laying out further details in a blogpost on Sunday that suggested the rival attacker was based in South Korea.

“By now we know that the attack is being coordinated from East Asia,” it said.

It said the last time it was hit by a large scale DDoS attack was when the South Korean government clamped down on users of local messaging app Kakao Talk — an act that reportedly drove many of its users to Telegram.

“We’ve noticed a three-fold increase in signups from South Korea in the last two weeks. The last time we were hit by a massive DDoS was in late September, 2014, in the wake of the South Korean privacy scandal when signups from that country spiked as well,” said Telegram.

Hedging its bets, the company also said that some rivals were unhappy with its decision to offer free products to users, which also culminated in attacks on smaller scaler at its servers located in the Asia Pacific.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Feeling social? Follow us on Twitter and LinkedIn Now!