Can Telegram Be Hacked? Everything You Need to Know

Chris Thompson

By Chris Thompson

Published:

You’ve probably heard that Telegram is one of the most secure messaging apps out there. With its reputation for privacy and encryption, over 1 billion people use it every month to share everything from casual conversations to sensitive business information.

But here’s the question that might be keeping you up at night: can Telegram actually be hacked?

The short answer is yes—but probably not in the way you think. While Telegram’s encryption itself is incredibly difficult to crack, hackers have found other ways to compromise accounts and steal your messages. From linked device abuse to malware that hijacks your desktop sessions, there are real threats you should know about.

In this article, we’ll break down exactly how Telegram accounts get compromised, some previous Telegram hacks, and most importantly—how you can protect yourself.

Table of Contents

What Does “Hacked” Really Mean on Telegram?

When people worry about Telegram being “hacked,” they’re usually thinking about different scenarios. Let’s clear up what each one actually means.

Your account gets taken over

This is when someone else logs into your Telegram account without installing anything on your phone. They can read all your cloud chats, send messages as you, and basically impersonate you until you kick them out.

How does this happen?

  • Scanning a QR code that gives someone access to your account.
  • Giving away your SMS login code through phishing.
  • Not having two-step verification enabled.

Your device gets infected with malware

Spyware or malware on your phone can monitor everything you do on your device—reading your Telegram messages, capturing screenshots, recording your calls, and even tracking your location. This type of threat runs silently in the background, so you might not even know it’s there.

Mobile spyware doesn’t need to break Telegram’s encryption because it captures everything directly from your device before it gets encrypted or after it’s been decrypted for you to read.

If you suspect your phone might be compromised, running a security scan is the fastest way to find out. Certo AntiSpy for iPhone or Android can perform a deep scan of your device to detect spyware, stalkerware, and other threats that might be secretly monitoring your Telegram activity.

Fig 1. Finding spyware with Certo AntiSpy for Android.

An actual app vulnerability

These are rare but real. In 2024, Telegram for Android had a serious security flaw called “EvilVideo” that let attackers disguise malware as a video file. The good news? It was patched quickly in July 2024.

Pro Tip: Always keep your Telegram app updated to the latest version. Security patches like the one that fixed EvilVideo are released regularly to protect you from known threats.

The Zero-Day That Made Headlines

In summer 2024, security researchers discovered a vulnerability in Telegram for Android that put a question mark over its previously strong security reputation. Here’s what you need to know about it.

What was “EvilVideo”?

The vulnerability, officially designated CVE-2024-7014 and nicknamed “EvilVideo,” affected Telegram Android versions 10.14.4 and earlier. It allowed attackers to send what looked like an innocent 30-second video through Telegram channels or direct messages.

But here’s the trick: it wasn’t actually a video. It was a malicious app (APK file) disguised to look like one.

When victims tried to play the “video,” they’d see a message asking them to open it in an external player. That’s when the trap closed—clicking that option would start installing malware on their phone.

Fig 2. EvilVideo malware pop-up. (Source: ESET)

What this means for you

Telegram patched this vulnerability on July 11, 2024, with version 10.14.5. If you’re running this version or newer, you’re protected.

However, this incident proves that Telegram is not immune to vulnerabilities that hackers exploit. It also shows that:

  • The Telegram team responds quickly to security issues.
  • Keeping your app updated is absolutely critical.
  • Being suspicious of unexpected files—even “videos”—is smart.

To check your Telegram version on Android, open the app, tap Settings and scroll down to see the version number at the bottom.

The Most Common Ways Telegram Gets “Hacked”

While app vulnerabilities like EvilVideo make headlines, they’re actually not how most Telegram accounts get compromised. Let’s look at the real threats you’re much more likely to face.

Linked device abuse

This is by far the most common way Telegram accounts get compromised. Here’s how it works:

Telegram lets you link multiple devices to your account so you can use it on your phone, desktop, and tablet simultaneously. This is convenient, but it creates a security risk.

Scenario 1: Phishing attacks

Scammers create fake “Telegram Web login” pages that look legitimate. When you scan the QR code displayed on these phishing sites, you’re actually authorizing a real Telegram session—but it’s controlled by the attacker.

Once you scan it, they now have a fully authorized session on your account. They can read all your cloud chats, send messages as you, and access your contacts.

Scenario 2: Physical access

This one’s even more common and often goes unnoticed. A controlling partner, nosy roommate, or prying boss gets brief access to your unlocked phone.

In just seconds, they can go to their computer, open Telegram Web, scan the QR code with your phone, and link your account to their device. Now they can monitor all your messages without you realizing it.

Fig 3. Official Telegram Web website.

Important: While Telegram does send you a notification when a new device is linked, it’s easy to miss or dismiss if you’re not paying attention. Even worse, if someone has brief access to your phone, they can simply delete the notification message before you see it.

How to protect yourself:

  • Never scan QR codes from suspicious websites or messages.
  • Use a strong unlock passcode on your phone and never share it with anyone.
  • Regularly check your active sessions.

Pro Tip: To view your active sessions on Telegram, open the app and go to Settings > Devices. If you see any devices you don’t recognize, terminate them immediately.

SIM swap and SMS code interception

If you haven’t set up two-step verification, an SMS code alone can log someone into your Telegram account. And there are several ways attackers can intercept those codes:

SIM swapping happens when criminals convince your phone carrier to transfer your number to a SIM card they control. In the United States, SIM swap fraud resulted in nearly $50 million in losses in 2023, according to the FBI’s Internet Crime Complaint Center.

SS7 attacks exploit vulnerabilities in the phone network infrastructure to intercept SMS messages. While this requires more technical skill, it’s still something you should be aware of.

Once attackers have access to your SMS codes, they can log into your Telegram—and probably a bunch of your other accounts too.

How to protect yourself:

Enable two-step verification in Telegram immediately. Here’s how:

  1. Open Telegram and go to Settings.
  2. Tap Privacy and Security.
  3. Select Two-Step Verification.
  4. Tap Set Additional Password.
  5. Create a strong password that you don’t use anywhere else.
  6. Add a recovery email (optional but recommended).

Now even if someone gets your SMS code, they still can’t log in without that extra password.

Desktop session theft

Here’s something most people don’t know: Telegram Desktop stores your session data in a folder called tdata on your computer. If malware gets hold of this folder, attackers can copy it to their own computer and instantly access your Telegram account as if they were you—without needing your password or any login codes.

This type of attack has become increasingly common. In 2025, security researchers at Imperva discovered malicious packages on PyPI (a Python software repository) specifically designed to steal Telegram Desktop’s tdata folder and sell the stolen identities on dark web markets.

Various infostealer malware—such as RedLine, Raccoon, and Phemedrone—actively hunt for this folder when they infect computers too.

How to protect yourself:

  • Keep your computer’s antivirus software updated.
  • Only download software from trusted sources.
  • Regularly check your active Telegram sessions.
  • If you suspect your computer has been infected, log out of all sessions and change your password.

Pro Tip: After cleaning malware from your computer, go to the Telegram app on your phone, tap Settings > Devices and then tap “Terminate all other sessions” to kick out any unauthorized access.

Bots and mini-apps

Telegram bots are automated accounts that can perform tasks like sending you news updates, helping you find GIFs, or managing group chats. Mini-apps are small programs that run inside Telegram, letting you do things like play games, order food, or shop without leaving the app.

While these features add lots of useful functionality, they also come with security trade-offs that most users don’t realize.

Unlike your regular Telegram messages, bot communications aren’t protected by Telegram’s MTProto encryption. Instead, they use standard HTTPS/TLS encryption, which means the bot operators can see the messages you send to their bots.

In 2024, security researchers also demonstrated how malicious mini web apps could exploit cross-site scripting (XSS) vulnerabilities to hijack Telegram Web sessions with just one click.

How to protect yourself:

  • Don’t add bots to group chats containing sensitive information.
  • Only use bots from trusted, verified developers.
  • Be cautious about which mini-apps you interact with.
  • Review the permissions you’ve granted to bots in your settings.

Third-party Telegram mods

Some users install modified versions of Telegram with extra features—things like custom themes, additional privacy options, or unique functionality. While some of these mods are legitimate, others contain serious security flaws.

For example, a major vulnerability was discovered in the Hikka userbot (a popular third-party Telegram modification). Versions before 1.6.2 contained a critical flaw that could let unauthenticated attackers take over accounts.

The problem? These third-party mods don’t get Telegram’s official security updates, and you’re trusting an unknown developer with access to your account.

How to protect yourself:

Stick with the official Telegram app from the App Store or Google Play Store. The few extra features you gain from mods aren’t worth the security risks.

Protect against modern spyware

Spyware keeps advancing—protect your iPhone or Android today. Run a scan with Certo to detect and remove hidden threats in just a few minutes.

Scan iPhone Scan Android

How to Tell If Your Telegram Account Has Been Compromised

Worried your Telegram might already be hacked? Here are the warning signs to watch for:

  • Messages you didn’t send: Your contacts mention messages or files you never sent them.
  • Unknown active sessions: Strange devices appear in your Active Sessions list.
  • Unexpected logouts: You’re suddenly logged out of Telegram without explanation.
  • Changed settings: Your privacy settings, profile picture, or bio changed without your input.
  • Missing messages: Conversations or messages have been deleted that you didn’t remove.
  • Unusual bot activity: Bots you don’t remember adding appear in your chat list.
  • Two-step verification disabled: Your extra password protection was turned off without your knowledge.

How to check your active sessions

  1. Open Telegram.
  2. Go to Settings.
  3. Tap Devices.
  4. Review any active sessions carefully.

Fig 4. Checking Active Sessions in Telegram.

You should recognize every device on this list. If you see anything suspicious (an unfamiliar location or device type) terminate that session immediately.

Each session shows:

  • Device type and name
  • Location (city and country)
  • Last active time

How to Protect Your Telegram Account

Now that you know the risks, let’s talk about protecting yourself. These steps will dramatically reduce your chances of getting hacked.

Enable two-step verification

We mentioned this before, but it’s worth repeating: enabling two-step verification is the single most important thing you can do to protect your Telegram account.

In the Telegram app, go to Settings > Privacy and Security > Two-Step Verification and set it up now if you haven’t already. Choose a strong, unique password and add a recovery email.

Fig 5. Enabling two-step verification on Telegram.

Regularly audit your active sessions

Make it a habit to check your active sessions at least once a month. If you see anything suspicious, terminate it immediately and change your password.

You can also use the “Terminate all other sessions” option if you want to force a clean slate—but remember, this will log you out of all devices except the one you’re currently using.

Be extremely cautious with QR codes

Never scan a Telegram QR code from:

  • Text messages or emails
  • Social media posts
  • Websites you arrived at through links
  • Pop-up windows or advertisements

Only scan a QR code in the Telegram app when you are personally trying to link one of your own devices using the official Telegram Web website (web.telegram.org).

Set a passcode lock within Telegram

Adding a passcode lock to your Telegram app creates an extra layer of security. Even if someone has access to your unlocked phone, they won’t be able to open Telegram without knowing your passcode.

To setup:

  1. Open Telegram and go to Settings
  2. Tap Privacy and Security
  3. Select Passcode Lock
  4. Tap Turn Passcode On
  5. Choose a strong passcode (numbers or alphanumeric)

Fig 6. Adding a passcode lock to Telegram.

Pro Tip: Set the “Auto-Lock” timer to a short period (like 1 minute) so Telegram locks itself quickly when not in use. This prevents someone from accessing your messages if you step away from your phone briefly.

Keep your apps updated

Enable automatic updates for Telegram on both your phone and desktop. Security patches like the one that fixed the EvilVideo vulnerability are released regularly.

On iPhone: Go to Settings > Apps > App Store and enable App Updates.

On Android: Open the Play Store > Profile Icon > Settings > Network Preferences and tap Auto-update apps.

Avoid public Wi-Fi for sensitive chats

Public Wi-Fi networks are often unsecured, making them easier targets for attackers to intercept data. If you must use public Wi-Fi, consider using a VPN to encrypt your internet connection.

We recommend Certo Secure VPN for reliable protection when browsing on public networks.

Use Secret Chats for sensitive conversations

Secret Chats offer stronger privacy protection than regular chats because they:

  • Use end-to-end encryption.
  • Don’t store messages on Telegram’s servers.
  • Support self-destruct timers.
  • Can’t be forwarded.

To start a Secret Chat, tap on a contact’s profile and select “Start Secret Chat.”

Run regular security scans

Spyware and malware typically operate silently in the background and can be hard to spot. Regular security scans help catch threats before they cause serious damage.

Certo AntiSpy for iPhone and Android offer comprehensive protection against spyware, malware, and other privacy threats.

Pro Tip: If you notice any unusual behavior on your phone—unexplained high data usage, strange background noise during calls, or apps you don’t remember installing—run a security scan immediately.

Don’t install third-party Telegram mods

We mentioned this earlier, but it bears repeating. Modified Telegram apps might offer unique features, but they come with serious security risks. Stick with the official app.

Review bots and mini-apps

If you use bots and mini-apps, periodically review which ones you have set up and remove any you do not recognize.

To remove a bot in Telegram, open the chat with the bot, tap on its name at the top, and then select Stop Notifications or Delete Chat.

To remove a Telegram mini-app, swipe down on the app’s header to minimize it, then drag the minimized app icon to the Remove pill at the bottom of the screen.

Be skeptical of urgent messages

Scammers love creating a sense of urgency. If you receive a message claiming your account will be deleted, your security is compromised, or you need to verify your identity immediately—stop and think. Telegram will never ask you to share your login code or password.

Wrapping Up

The truth is, Telegram itself is a secure platform with strong encryption. But that doesn’t mean your account is invincible. The weak link is almost always human behavior—falling for a phishing scam, skipping two-step verification, or ignoring those “update available” notifications.

The good news? You’re already ahead of most users just by educating yourself about these risks. Take 5 minutes today to enable two-step verification, check your active sessions, and make sure your app is up to date. These simple steps will put you miles ahead of potential hackers.

And if you’re worried your phone might already be compromised, don’t ignore that feeling. Run a security scan with Certo AntiSpy to check for spyware and other threats.

FAQs

Can Telegram be hacked by police?

Police don’t typically “hack” Telegram’s encryption. Secret Chats and video calls use end-to-end encryption that even Telegram itself can’t decrypt.

However, law enforcement can access regular cloud chats through legal requests or device seizure.

After Telegram’s September 2024 policy update, they can disclose phone numbers and IP addresses to authorities in criminal cases.

Can Telegram video calls be hacked?

Telegram voice and video calls are end-to-end encrypted, so the call content itself is secure from interception.

However, if spyware is installed on your device, it could record your screen, capture audio, or take screenshots during calls. This is a device security issue, not a Telegram vulnerability.

You can verify your call’s encryption by comparing the four emojis that Telegram displays during calls with your call partner.

Is Telegram safer than WhatsApp?

Both apps offer strong security features, but they work differently. WhatsApp uses end-to-end encryption by default for all chats, while Telegram only does this for Secret Chats. Regular Telegram messages are stored on their servers with client-server encryption.

For maximum privacy, use Secret Chats on Telegram.

Can someone hack my Telegram if they know my phone number?

Your phone number alone isn’t enough to hack your Telegram. However, combined with SIM swapping or SMS interception, it could be used to receive your login codes. This is why enabling two-step verification is so important.

Can deleted Telegram messages be recovered by hackers?

Messages in Secret Chats that you’ve deleted are generally unrecoverable because they’re only stored on the devices of the participants.

However, regular cloud chats that you delete may still exist on Telegram’s servers for a time. If someone already has access to your account, they might be able to see message history before you delete it.

How do I know if someone is reading my Telegram messages?

Check your Active Sessions regularly for unfamiliar devices. If you see a session you don’t recognize, someone may have unauthorized access.

Also watch for messages marked as “read” when you haven’t opened them, or messages/chats that disappear without your action.

Chris Thompson

By Chris Thompson

Fueled by his passion for technology, Chris leverages his expertise to raise awareness about the evolving cyber threats in the digital landscape. With an in-depth understanding of tech trends and consumer behavior, he's committed to making the digital world safer for everyone.