The events surrounding Pavel Durov’s arrest on 24 August 2024 due to Telegram’s suspected operational crimes worsened discussions on topics such as digital privacy, end-to-end encryption, and the responsibility of online platforms.
This case also demonstrates the clash between the police and secure messaging applications.
Pavel Durov is viewed in hacktivist circles as the creator of both Vkontakte (VK) and Telegram, so why is there such a controversy surrounding the MTProto encryption protocol and Telegram’s cloud storage architecture?.
In the past, VK was significant mainly due to the provision of the API and lack of moderation of the content, which unintentionally enabled the creation of a network.
It has raised questions about the security of messaging apps due to possible backdoors and revived the debate about national security versus user privacy in the modern world.
The #FreeDurov – Hacktivists Rally
Telegram, owing to its minimal moderation and Durov’s libertarian approaches, quickly became a center for pro-Russian hacktivists such as UserSec, People’s Cyber Army, and CyberDragon groups.
Here below we have mentioned all the names of key Russian hacktivist groups and their allies:-
- People’s Cyber Army
- UserSec
- CyberDragon
- EvilWeb
- Rootsploit
- CGPlnet
- Overflame
- ReconSploit
- RipperSec
- 62IX (did not actively participate but supported #freedurov campaign)
- High Society (alliance)
- Holy League (alliance)
Durov’s arrest in France on 24 August 2024 gave birth to the #FreeDurov and #OpDurov movements which brought together previously conflicting factions of Russian society.
This also led to a rash of Denial of Service (DOS) attacks and claims of attacks against French and EU computer networks and systems.
.webp)
It is significant to note that UserSec has also been responsible for attacks against the French Court of Cassation and the Administrative Court of Paris, whereas the People’s Cyber Army hacked Industrial Control Systems (ICS) at the wind farm Parc Eolien de Tenbonrev, based in Brittany, and operated the power transmission Control panels.
The orchestrated attack was not limited to only terrorist organizations’ actions and infrastructural interdependencies but also included their coordinated strikes against airports, ferry services, the financial structures of the AXA Group, or educational structures such as the Agence Universitaire de la Francophonie (AUF), demonstrating the hacktivists’ capacity for multi-vector attacks against critical infrastructure.
.webp)
The mid-August 2024 leak of the “Kordon 2023” FSB Border Service database on Telegram channels exposed Pavel Durov’s 50+ trips to Russia during 2014-2023, rejecting his claimed severance from the country.
One of the leaks containing the above information occurred just before Durov’s arrest in Paris, and it’s worth pointing out that during one such visit, Roskomnadzor lifted the ban on Telegram.
This incident prompted the rise of the #FreeDurov campaign, and the campaign enlisted pro-Russian, pro-Palestinian, and French hacktivists on Telegram.
This incident illustrates the conflict between the national authority’s requirements concerning content regulation and the users’ right to privacy in the context of social networking services. It may have repercussions on digital communication and the protection of users’ communication in the future.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14 day free trial