Pavel Durov, the founder of Telegram, recently boasted to Tucker Carlson that his company is “super efficient” with only 30 engineers on staff. However, security experts warn that this claim is a red flag for users, highlighting the platform’s vulnerabilities.
By default, Telegram chats are not end-to-end encrypted, making them vulnerable to interception. Users must start a “Secret Chat” to enable end-to-end encryption, which is a less secure option compared to Signal or WhatsApp. Additionally, Telegram’s proprietary encryption algorithm, created by Durov’s brother, has raised concerns about its effectiveness.
Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, emphasized that Telegram’s lack of resources and understaffed team make it an attractive target for hackers. “Thirty engineers” is not enough to effectively fight legal requests, handle abuse and content moderation issues, or deal with the sheer volume of user data.
Galperin also questioned the quality of Telegram’s engineers, suggesting that the company may not have the necessary expertise to secure its platform. As a social media platform, Telegram sits on a vast amount of user data, making it a lucrative target for hackers and government-backed actors.
Telegram did not respond to a request for comment on its cybersecurity infrastructure, including the presence of a chief security officer and the number of full-time engineers dedicated to securing the platform.
Cybersecurity experts have long warned that Telegram is not a secure messaging app, and Durov’s recent comments may have inadvertently confirmed their concerns. With over one billion users, including those in the crypto community, extremists, hackers, and disinformation peddlers, Telegram is an attractive target for both criminal and government hackers.
