Your Telegram got hacked? Here's what you can do about it (Header image)
Security 11 min read

Your Telegram got hacked? Here’s what you can do about it

byRay Fernandez

Published:Sep 22, 2025

Thanks to an unwavering commitment to privacy and anonymity, Telegram continues to be one of the most popular messaging apps among users who value having full control over their online interactions. However, one thing Telegram isn’t known for is security. At least, not when compared to other messaging apps like WhatsApp and Signal.

Your Telegram account isn’t immune to hacking just because it’s anonymous. Neither is your sensitive information immune to theft just because the parent company doesn’t collect much data on you. In order to stay safe, you still need to keep an eye out for suspicious activity on your account and avoid actions that could put the security of your account at risk.

Can someone hack your Telegram?

Unfortunately, hackers can definitely hack your Telegram account. As a general rule, all online accounts are susceptible to hacking. This includes Telegram. Used by millions of people worldwide, the app is an attractive target to hackers looking to mass-exploit a vulnerability in the system for their own gain.

But aside from the cybersecurity risk, one of the easiest ways to steal a Telegram account is by gaining physical access to an unlocked device with the app on. There’s very little that Telegram’s internal security features can do in the face of device theft. Even the company admits that they can’t protect you in that situation unless you take immediate action to restore your account.

Your Telegram account can also be hacked through more “traditional” means, like phishing, malicious software like spyware, and man-in-the-middle (MITM) attacks. At the end of the day, Telegram is a messaging app like any other, and you need to be careful about your online activity to avoid increasing your risk of attack.

How secure is Telegram?

Telegram’s reputation is mainly based on users’ perceptions derived from its messaging features. And when compared to WhatsApp and Signal, most experts say that Telegram sits between these two apps in terms of privacy and security.

When it comes to encryption, Telegram only uses E2E encryption for messages sent in Secret Chat mode. The app encrypts common messages sent over the cloud using client-server/server-client encryption developed in-house. The encryption cannot be verified externally to test its security, raising eyebrows among security experts.

Furthermore, Telegram does not turn on Secret Chat by default. Users need to open their profile and tap Start Secret Chat to use this feature.

How to turn on Secret Chat in Telegram: Screenshot 1
How to turn on Secret Chat in Telegram: Screenshot 2

Like Snapchat, Telegram provides message self-destruct capabilities with this feature. WhatsApp, on the other hand, uses end-to-end encryption E2E with three keys for all its messages. This encryption protocol is the same as the one Signal uses.

Regarding privacy and your data, WhatsApp collects and gathers a lot of your personal data. This includes location, IP address, contacts, updates, ISP details, mobile phone model, purchase history, crash data, performance, and interaction data. By contrast, Telegram only asks for your phone number, email, and contact info and keeps primary data on your contacts. Finally, Signal only asks for a phone number.

In other words, Telegram’s encryption is weaker than Signal and is not always turned on like WhatsApp. And while Telegram has tighter privacy policies for your data, they do not outperform those used by Signal.

Risks and consequences of a hacked Telegram account

Depending on how long and for what purpose you’ve been using Telegram, the risks and consequences of your account being compromised can range from an inconvenience to major damage to your finances, reputation, and mental health, including:

  • Exposing private conversations: Anyone who has access to your Telegram account can view and share all your past conversations, with the exception of Secret Chats, where a self-destruction timer has been set.
  • Identity theft and impersonation: A hacker can continue to use your Telegram account as if they were you. They can talk to your contacts and ask them for money, account passwords, or other sensitive information.
  • Losing linked accounts: If you use Telegram to log in to other accounts or services, you might lose access to those, as well.
  • Access to shared media and files: Any files, photos, videos, or audio clips you have shared via Telegram messaging can be accessed by the hackers. They might choose to leak your personal media or blackmail you into keeping it private.

Is hacking a Telegram group common?

Hacking Telegram groups is not uncommon. Telegram groups can have up to 200,000 members, making them very attractive tools for cybercriminals to run their campaigns.

Common scams used in hacked Telegram groups include:

  • Fake Telegram groups
  • Crypto scams
  • Phishing scams
  • Tech support scams
  • Cryptocurrency giveaways
  • Ad scams
  • Fake jobs, fake interview requests
  • Group phishing

Additionally, by default, anyone can add you to a group without your permission. You can opt out of this option by going to your Settings and navigating to Privacy and Security > Groups & Channels, and changing Who Can Add Me to My Contacts only.

Set who can add you to Telegram groups without your permission: Screenshot 1
Set who can add you to Telegram groups without your permission: Screenshot 2

Can you get hacked through a Telegram bot?

If you have reason to think, “My telegram account is hacked,” you should learn how bots work in Telegram.

Any person with a telephone number can create a Telegram account, and with that privilege, they can easily create an AI-driven bot. Telegram bots use natural language processing and AI to create human-like conversations. This automation allows scammers to expand their reach instantly and significantly.

Using bots, cybercriminals can pose as banks, financial institutions, account login and security teams, and digital service providers like PayPal, Apple Pay, Google Pay, and others. Furthermore, they can reach thousands or millions of users with bots. These bots will try to trick users into giving away sensitive information, financial data, passwords, and other critical details.

To stay safe from malicious Telegram bots:

  • Double-check the source of any message your get.
  • Be suspicious of messages that sound urgent.
  • Never share passwords or personal data online.

Is it possible for someone to hack my phone through Telegram?

Yes, it is indeed possible to hack a phone through Telegram. End-to-end encryption is enabled for individual chats, but phishing links with social engineering tactics could be used to trick you into downloading malware onto your device.

Telegram would merely be the “vehicle” used to introduce malware onto your phone. Once the malware is there, it can begin installing its own apps or stealing your sensitive data.

Be extremely cautious if you are sent a link, even if it’s from somebody you think you know well enough. Like any other messaging app, Telegram isn’t 100% safe from hackers and never will be.

Common ways to hack a Telegram account

There are many reasons why Telegram accounts are hacked. And while all of them are illegal, most occur due to phishing, malware, or intercepted verification codes. Some monitoring or parental control apps can access Telegram activity, but only if they are installed directly on the device with proper permissions.

One notable way that Telegram can be hacked is through verification code grabbing. Attacking an encrypted app with brute force to try to break down the door is futile, especially with robust modern encryption protocols. Instead, hackers opt to steal the keys to the door.

This method was employed by Russia and Iraq in the mid-2010s. The governments could force local telecommunication companies to hand over the Telegram verification codes of particular phone numbers, gaining them access to their target’s Telegram account without having to go through the company.

Individual hackers also employ verification code grabbing, but mainly through SIM swapping. Attackers attempt to bribe or trick (through sophisticated social engineering) the cell provider into re-issuing your phone number to a SIM card they control. Once they have your phone number, they can receive your account’s verification codes on their own device instead.

But that’s just the tip of the iceberg. There are many more ways your Telegram account can be hacked, such as:

  • Phishing and social engineering (tricking users into giving away credentials)
  • Forwarding calls
  • Malware sent via Telegram messages
  • Monitoring and parenting spyware apps like Spyic
  • Brute force attacks (running software that tests hundreds of thousands of passwords)
  • Ransomware, data exfiltration, or leaks (a company can be hacked, and user data can be leaked or sold)
  • Other cybercriminal techniques used to hack messaging apps

Other popular messaging platforms like Viber, WhatsApp, and Facebook Messenger are not immune to hacks too. Cybercriminals use similar methods like phishing, malware, and exploiting app vulnerabilities to gain access to accounts. 

What to do if your Telegram has been hacked

There are several things you can do if you think your Telegram has been hacked. These range from removing devices from your account to enabling and strengthening your passcode lock option, activating two-factor authentication, changing your phone number, or even deleting your account if necessary.

How to set up a passcode and 2FA in Telegram

Setting two-factor authentication and a passcode in Telegram is very simple and an excellent way to increase your security. If anyone gets access to your account or your phone, they will need to know your passcode or password to verify their identity.

To set up a passcode for Telegram:

  1. Open the Telegram app.
  2. Go to Settings. Then go to Privacy and Security.
  3. Select Passcode & Face ID for iPhone models or Passcode & TouchID for older iPhone models. On Android devices, select Passcode Lock.
  4. Tap Turn Passcode On and enter a numerical passcode that will lock your Telegram app.
  5. Select Passcode options if you want to switch between a four-digit or six-digit passcode.
  6. Now select the Auto-lock option to customize the duration for the lock. It can be anything from 1 minute to 1 hour or longer.
How to set up a passcode for Telegram: Screenshot 1
How to set up a passcode for Telegram: Screenshot 2

To set up 2FA in Telegram:

  1. Go to Settings. Then go to Privacy and Security.
  2. Select Two-Step Verification.
  3. Set a password.
  4. Add a hint to your password.
  5. Now enter a recovery email to get your verification code.
  6. Enter the code sent to your email.
  7. Your 2FA should now be active.

How to remove devices from my Telegram

To remove devices from your Telegram account:

  1. Open the Telegram app.
  2. Go to Settings, then Devices. You will see a list of devices that are using your Telegram account.
  3. If you see an unknown device, tap the device’s name.
  4. Select Terminate Session to remove it from your Telegram account. Additionally, you can toggle the option to disable incoming calls for the device.
How to remove devices from my Telegram: Screenshot 1
How to remove devices from my Telegram: Screenshot 2

Notify your Telegram contacts after a hack to prevent scams

If your account has been hacked, there’s often very little you can do to restore it before a hacker gets access to all your data. Your best option is to minimize the damage by informing everyone on your contact list, either through text messages, calls, or other social media platforms, that your Telegram account has been hacked.

This can help prevent impersonation or identity fraud. Also, your contacts can delete any private messages or shared media from their accounts, hopefully before the hacker gets to them.

How to recover Telegram if your phone was stolen

If someone has stolen your phone, you should take immediate action. Whoever has your phone number also effectively has your Telegram account. However, you can still log in to your account on another device and try to salvage the account.

Here’s what to do if you lose your phone:

  1. Go to Settings, then Devices (or Privacy and Security > Active Sessions), and terminate your Telegram session on the old device. The person who stole your phone will not be able to log in again, since they need the password. 
  2. Contact your phone provider and ask them to block your old SIM and issue you a new one. To switch to a new phone number, go to Settings, tap on your phone number, and change your Telegram number.

How to check if your Telegram account has been hacked

There are various red flags to look out for that may indicate that your Telegram account has been hacked. Have any of the following happened to you?

You can’t log in

Like WhatsApp, Telegram uses your phone number as your login credentials. If you can’t log in to your Telegram account, it could indicate that a hacker has gained access to your account and changed the registered number to their own.

Your bio and image have been changed

If you notice that the bio and image on your account are not yours, then you have an unwelcome visitor in your Telegram account.

Like on Instagram, many unique usernames are coveted on Telegram. This can lead to someone hacking your account to change the phone number and take the account for themselves. They would then change the bio and image.

Strange notifications

If your Telegram account starts telling you that you’ve joined groups that you don’t recognize or if you see you’ve sent messages that you definitely didn’t write, it’s a major red flag that your account may have been hijacked.

How can you report a hacked Telegram account?

Reporting a hacked Telegram account is the essential next step. However, Telegram’s method of letting people report compromised accounts is rather unusual. 

You are asked to send the username of the hacked account to a Telegram bot called “notoscam.”

Here’s how to do it:

  • First, look for the @notoscam bot on Telegram. You’ll see the @notoscam account (with the official blue checkmark) in the search results. Ironically, multiple fake accounts also appear in the search results. Choose the one with the blue checkmark.
  • When the chat window opens, enter the details of the hacked account you want to report. The bot will not reply immediately to your message, so you may wonder if it worked or not. But Telegram insists that this is the correct way to report a scam or a hacked account.

There is also an email address, [email protected], but this appears to be specifically for accounts that are abusing and harassing users. If going through the notoscam bot doesn’t work, try the email address.

How to prevent your Telegram account from being hacked

You should never have to go through the headache of getting hacked, having your Telegram account stolen, or getting malware on your iPhone. You can avoid becoming a statistic or becoming a victim again by taking certain actions.

A screenshot of Telegram's settings page.
A screenshot of the Privacy and Security settings in Telegram, including the Two-Step Verification option.

Here’s what you can do to prevent your Telegram account from being hacked:

  • Enable 2-factor authentication: In Telegram, 2-factor authentication is known as Two-Step Verification. (For instructions on how to enable this feature, refer to the previous section in this article.)
  • Don’t respond to messages asking for codes: If the hacker tries to register their own phone number on your account or needs your 2FA codes, they may try to use social engineering to trick you into giving them up. Never reveal those codes to anyone.
  • Don’t click any links from unknown contacts: The main way for a hacker to gain access to a Telegram account is through malware-infected links. Don’t click links inside messages.
  • Install all Telegram updates: Hackers may find it easier to gain access to your Telegram account if there is an unpatched vulnerability in the Telegram app. When new updates appear in the iOS App Store, install them immediately.
  • Don’t share personal information: The more information a hacker has on you, the more easily he can take over your identity — and your Telegram account. If you don’t share personal information about yourself, you leave them with nothing to work with.

How to delete a Telegram account

If all else fails, you can delete your account via the deactivation page. This is a permanent and irreversible process that will delete all your messages, content, and contacts, including your groups and channels.

Once you enter your phone number on the deactivation page, you will be sent a code to your Telegram account, which you will need to use to confirm the deleted account. Additionally, Telegram accounts self-destruct if you do not go online for at least six months.

Telegram stands out from other messaging apps thanks to its many features. AI bots, massive groups, channels, and even self-destructive secret chats are some features that Telegram users love. However, hacked Telegram accounts are far from uncommon. Make sure to stay informed of known Telegram scams, turn on passcodes and 2FA, and be cautious when interacting with suspicious messages.

MoonLock Banner
#Messenger
Ray Fernandez

Ray Fernandez

Ray has been covering tech and cybersecurity for over 15 years. His work has appeared on TechRepublic, VentureBeat, Forbes, Entrepreneur, and the Microsoft Blog, among others.
Promo Banner

You might also like

Can your WhatsApp be hacked? Here's why you might be at risk (Header image)
Can your WhatsApp be hacked? Here’s why you might be at risk
Sep 19, 2025
17 min read
MacBook screen flickering or glitching? Here’s what’s happening: Header image
MacBook screen flickering or glitching? Here’s what’s happening
Sep 12, 2025
5 min read
What is cookie theft? How to get rid of malware that steals your cookies: Header image.
What is cookie theft? How to get rid of malware that steals your cookies
Sep 12, 2025
7 min read