Attackers clobber Telegram messaging app in Australia, APAC

Messaging app Telegram says it has been hit by a large attack that knocked out its service for users in Australia and the Asia Pacific region.

The app, which promotes itself as a secure messaging platform and claims to have 60 million users worldwide, says a wave of distributed denial of service (DDoS) attacks have disrupted services to users in the region over the past week.

On Saturday the company said it had endured the third day of DDoS attacks that threw [xref:|SYN requests]], at a rate of 200Gbps, to its servers located in the Asia Pacific.

The attack is far from the largest known DDoS attack in history but is nonetheless sizeable compared to the thousands tracked each day DDoS protection firm Arbor Networks. In January the firm reported the largest DDoS attack on its records at 400Gbps, which used a technique known as NTP reflection and was levelled at an unnamed ISP. The largest attack in 2013 reached 245Gbps.

Telegram posted several tweets on the weekend drawing attention to the attacks, which first affected users in India but later spread to other regions.

A tweet on Friday from Pavel Durov, Telegram’s founder and CEO, the former CEO of Russia’s Facebook-like social network VKontake, suggested one of its messaging app rivals may be behind the attack.

The company has taken a gamble on the notoriously difficult task of attributing attacks, laying out further details in a blogpost on Sunday that suggested the rival attacker was based in South Korea.

“By now we know that the attack is being coordinated from East Asia,” it said.

It said the last time it was hit by a large scale DDoS attack was when the South Korean government clamped down on users of local messaging app Kakao Talk — an act that reportedly drove many of its users to Telegram.

“We've noticed a three-fold increase in signups from South Korea in the last two weeks. The last time we were hit by a massive DDoS was in late September, 2014, in the wake of the South Korean privacy scandal when signups from that country spiked as well,” said Telegram.

Hedging its bets, the company also said that some rivals were unhappy with its decision to offer free products to users, which also culminated in attacks on smaller scaler at its servers located in the Asia Pacific.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Feeling social? Follow us on Twitter and LinkedIn Now!

Join the CSO newsletter!

Error: Please check your email address.

Tags arbor networksTelegramKakao TalkDDoS Protectionapacembedded chips(DDoS) attacks

More about Arbor NetworksCSOEnex TestLabFacebookTwitter

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts