Telegram accuses Meta of sabotage in India with BGP hijacking

What happened?

On May 11, 2024, Pavel Durov, founder and CEO of Telegram, posted a series of messages on his X account (formerly Twitter) accusing Indian operator Reliance Jio of carrying out BGP (Border Gateway Protocol) hijacking attacks against Telegram. According to Durov, Jio published false routing announcements associating Telegram's IP addresses with incorrect routes, making it difficult or impossible for users in India and other countries like the United Arab Emirates to connect. Durov claimed the sabotage appeared intentional, as Jio allegedly ignored multiple reports about the issue. He also suggested this could be part of a competitive war, given that Meta (owner of WhatsApp) invested $5.7 billion in Reliance Industries, Jio's parent company. For its part, Jio flatly denied the accusations in an official statement, asserting that it operates its network in accordance with global best practices for routing and the highest standards of reliability, security, and transparency.

Context and background

Durov's accusations come just days after the Indian government blocked Telegram for six days (May 2-7, 2024) to prevent fraud and leaks related to the medical entrance exam (NEET PG), which over two million students were about to take. The block was ordered by India's Ministry of Information Technology at the request of the National Testing Agency (NTA), not on Meta's initiative. Durov linked this block to alleged pressure from Meta to protect WhatsApp's market share in India, where Telegram has over 150 million users. However, various Indian entities, including telecom operators and industry groups, had previously called for Telegram's regulation due to its lack of cooperation with authorities, its use in content piracy, and the ease of anonymity. Indian operators also complain that apps like Telegram and WhatsApp offer voice services without being subject to the same regulations as telecoms, creating commercial tensions.

Why is this important?

If the accusations were true, they would represent a serious attack on the integrity of the internet. BGP hijacking is a malicious routing technique that can divert traffic, intercept communications, or deny access to services. A large operator like Jio deliberately using it to favor an investor like Meta would be a scandal of net neutrality and unfair competition. However, Durov has not presented technical evidence to support his claims, and Jio has denied any wrongdoing. This incident is not the first of its kind: in 2018, a BGP hijack diverted traffic from Google, Apple, Facebook, and other services through Russia, though it was never clarified whether it was intentional. In 2021, a BGP hijack affected Microsoft and other companies due to a misconfiguration by a Chinese ISP. The lack of security in BGP is a known problem: according to the 2023 MANRS report, less than 30% of network operators implement proper route filters, and only 15% use RPKI (Resource Public Key Infrastructure) to validate announcements. The incident also highlights the growing tension between big tech and telecom operators in India, where operators complain that apps like Telegram and WhatsApp offer voice services without being subject to the same regulations as telecoms. Additionally, Meta's investment in Reliance creates a potential conflict of interest, though it does not necessarily imply sabotage occurred.

Potential consequences

If confirmed, the accusations could lead to regulatory investigations in India and other countries, damage the reputation of Meta and Jio, and prompt stricter rules on BGP routing. On the other hand, if proven unfounded, Durov could lose credibility and face legal action for defamation. For users, the episode underscores the need for security protocols like RPKI to prevent BGP hijacking and the importance of transparency in relationships between large corporations. Furthermore, this case could accelerate the adoption of measures like MANRS (Mutually Agreed Norms for Routing Security), an initiative promoting best practices in routing. In the market, if Telegram loses users in India due to access issues, WhatsApp could benefit in the short term, but the controversy could also generate distrust toward Meta-controlled services. For investors, Meta's stake in Jio ($5.7 billion) could be affected if misconduct is proven. Likewise, the incident could influence Indian regulatory decisions on net neutrality and competition in the communications market.

What should readers know?

• Durov's accusations are serious but not backed by public evidence. Until verifiable technical data is presented, they should be treated as an unconfirmed allegation.
• The block on Telegram in India was a government decision based on combating exam fraud, not directly attributable to Meta.
• Meta has a significant stake in Jio, creating a potential conflict of interest, but it does not necessarily imply sabotage occurred.
• The incident reflects the fragility of the internet routing system and the need to improve BGP security.
• It is important to follow independent technical sources, such as MANRS reports or network operator reports, to verify whether there were actually routing anomalies for Telegram toward Jio.
• Durov has a history of making controversial statements to defend Telegram's privacy, but also to promote his platform against competitors.

Source analysis

The information comes from an article by The Register (reliability 80/100), which in turn cites Durov's messages on X and Jio's response. No other independent sources confirming the facts have been found. Therefore, the content should be considered primarily as Durov's version, contrasted with Jio's denial. It is recommended to consult additional sources such as BGP incident reports from the network operator community (NANOG, RIPE) and official statements from Meta and Reliance. To date, no independent entity has corroborated the accusations, and Jio has denied any wrongdoing. In similar past cases, such as the 2018 BGP hijack related to Russia, investigations concluded it was a configuration error, not an intentional attack. Therefore, a healthy skepticism should be maintained toward Durov's claims until concrete evidence is presented.