Telegram Cancels Premium Subscriptions Received Fraudulently

In the summer of this year, Telegram introduced a Premium subscription, which provides additional functionality, as well as removing many limits and restrictions.

As it turned out now, many users did not buy a subscription through the official bot, but from third parties, with huge discounts. According to media reports, such “grey” subscriptions appeared due to a vulnerability in Telegram, which was discovered by three Moscow schoolchildren. Now such subscriptions are being cancelled.

Let me remind you that we also wrote that Implant FinSpy was able to read even the protected chat rooms in Telegram and WhatsApp.

The first messages about the deactivation of Premium subscriptions obtained by fraud began to appear on the evening of October 31, although no official comments were received from the messenger team.

The Durov Code publication conducted its own investigation of the incident, and said that last summer three Moscow schoolchildren (known by their nicknames Martov, Munfizy and Filya) discovered a vulnerability in Telegram, thanks to which a paid subscription could be obtained for free.

It all started with a bug that Martov discovered: at the moment of buying a gift on an iPhone with a jailbreak (and a tweak from Cydia – LocalIAPStore installed), he pressed the “Cancel” button, after which the action was canceled, but the Premium gift subscription was activated anyway.

As a result, friends decided to capitalize the discovered vulnerability, namely, to resell the Premium subscriptions obtained in this way. After all, all it took was a jailbroken iPhone and App Store gift cards.

Initially, friends were going to work together. Each had to buy three jailbreakable iPhones, as well as three $15, $25, and $45 App Store gift cards. This should have been enough to “gift” subscriptions for 3, 6 and 12 months, respectively. As Munfizy told reporters, this made it possible to sell subscriptions at a 50% discount from the official price list. According to Munfizy, word-of-mouth did the rest, and didn’t even have to buy advertising—sales were already growing at a tremendous rate.

However, soon the friends realized that they could no longer work together and split into two teams: Munfizy and Filya continued to work together, and Martov went “on a free voyage”. At first, they managed to agree on uniform prices, but both teams actively expanded, hiring more and more employees (initially they were mostly their friends and acquaintances). According to the publication, the increase in the number of people involved in this scheme that led to its collapse.

Single workers could make up to 200,000 rubles a day. It was difficult, but possible. It was necessary to serve about 3,000 customers at a time. Our entire network could bring in about 5,000-6,000 thousand dollars a day. I believe that Telegram’s losses can be from 3 to 5 million dollars. Only our two teams managed to activate subscriptions for more than 150,000 accounts.Munfizy told Durov’s Code.

Not surprisingly, many “employees” quickly came to the conclusion that they themselves could do just as well, and it would not be necessary to share profits with anyone. As a result, according to Munfizy, there were soon more than 25 such “companies” on the market offering premium subscriptions at a similar price. All of them exploited the same bug and worked according to the scheme originally invented by friends. “Someone bought it, and someone got it for free at all – out of friendship,” Munfizy explained.

Soon, new competitors began to lower prices in an attempt to attract users, and at some point, the cost of a Premium subscription on the black market fell by almost 10 times. That is, it got to the point that the annual subscription, bought from fraudsters, cost two times cheaper than the official Premium subscription for a month.

This state of affairs led to a quarrel between friends, as a result of which the scheme was first sold to the side for $5,000. Martov told Durov’s Code that he personally did not sell information about the scheme until recently. According to him, he did it only last week – the buyers were two users from China who paid $500 and $700.

Interestingly, one of the three discoverers of the bug, on condition of anonymity, disclosed to journalists his income from its exploitation. He claims that he managed to earn about $ 80,000, and the publication confirms this, as statements from his personal account were seen in the editorial office.

When friends were asked if they had thought to immediately report the vulnerability to the developers of the messenger and, probably, receive a reward for discovering the problem, they replied that they wanted to earn money and doubted that they would receive any payment from Telegram.

However, after all the controversy, quarrels and hard price dumping, Munfizy decided to make the scheme publicly available, as well as transfer the data to the Telegram team with an explanation of how to fix the bug that happened on October 29, 2022.

In a conversation with Code Durov, a source close to Telegram confirmed that the described vulnerability really existed and was closed. Moreover, according to him, the developers managed to identify users with such subscriptions, after which they began to turn off Telegram Premium.

Currently, Munfizy writes in the Telegram channel that he is considering the possibility of returning funds to customers affected by the cancellation of subscriptions in the amount of 5-10%. At the same time, the message emphasizes that Telegram did not pay “a single dollar” to bug users for disclosing a fraudulent scheme.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button