Exploiting a vulnerability in Telegram's system that allows fo | Kali Linux

Exploiting a vulnerability in Telegram's system that allows for matching user IDs with phone numbers

Russian security forces and officials employ a system known as "Insider," alongside Telegram bots, to de-anonymize users by exploiting a vulnerability in Telegram's system that allows for matching user IDs with phone numbers, thereby revealing their identities. This system, which utilizes leaked databases from sources like Yandex and Wildberries, is part of a broader initiative called "Demon of Laplace," aimed at monitoring social networks and identifying activists. The purchase of "Insider" by authorities, under contracts signed by several Russian regional departments, is funded by budget money.

The developer behind "Insider," Evgeny Venediktov, is known for his controversial past, and the legality of employing such systems for de-anonymization purposes raises significant questions under Russian law.

STATISTICS:
- More than 76 million mobile numbers are loaded into the "Insider" system from leaked databases.
- One license for "Laplace's Demon" costs on average 500 thousand rubles. ($5500 USD)
- In 2019, the database used had 10 million numbers, which has now grown to more than 76 million.
@kalilinux

Sources: [researcher lordx64 - zakharovchannel]