The DDoS attack also appears to have affected the messaging service's 200m users across the Americas as well as in some other countries according to a tweet sent out by the firm in which it also confirmed that user data was safe.
As opposed to a typical cyberattack which aims to gain access to a company's systems or its data, DDoS attacks are designed to take a service offline by flooding it with traffic thus making it unusable. Telegram compared a DDoS attack to ordering a Whopper from McDonald's in a tweet (opens in new tab), saying:
- DDoS attacks soar after long period of decline
- Malware behind biggest DDoS ever just got more dangerous
- As Telegram ban tightens, workaround options are slim for Russians
“A DDoS is a “Distributed Denial of Service attack”: your servers get GADZILLIONS of garbage requests which stop them from processing legitimate requests. Imagine that an army of lemmings just jumped the queue at McDonald’s in front of you – and each is ordering a whopper. The server is busy telling the whopper lemmings they came to the wrong place – but there are so many of them that the server can’t even see you to try and take your order. There’s a bright side: All of these lemmings are there just to overload the servers with extra work – they can’t take away your Big Mac and Coke. Your data is safe.”
Origin of the attack
Despite Telegram explaining the DDoS attack it suffered in a humorous way on social media, there is actually a more sinister side to the attack. According to Telegram founder and CEO Pavel Durov, most of the IP addresses behind the attack originated from China as he explained in a tweet (opens in new tab), saying:
“Historically, all state actor sized DDoS (200-400 GB/s of junk) we experienced coincided in time with protests in Hong Kong (coordinated on @telegram). This case was not an exception.”
The protests in Hong Kong started out peacefully but things became violent when several hundred protesters clashed with police outside the city's parliament.
The protests themselves were organized on Telegram, WhatsApp and other similar apps. However, Telegram has shown to be quite useful in these situations due to its encryption and the fact that users can create groups of up to 200,000 people as well as broadcast to an unlimited audience.
The South China Morning Post first reported on the role the messaging app played in the protests when a Telegram group administrator was arrested for conspiracy to commit public nuisance. The man allegedly had been communicating with 30,000 users who were planning to charge the Legislative Council Complex and block the roads that led to the building.
We will likely learn more once a full investigation is conducted but if China is behind the DDoS attack it shows that the country is willing to interfere with foreign services to keep its populace under control.
- Need to access the internet without restrictions? Check out the best VPN