Your Telegram got hacked? Here's what you can do about it (Header image)
Security 16 min read

Your Telegram got hacked? Here’s what you can do about it

byRay Fernandez

Published:Jun 26, 2026

Telegram’s main selling point continues to be its privacy-focused features and large group chats of up to 200,000 members. However, these same features and popularity also make it particularly attractive to cybercriminals. If your Telegram account gets hacked, attackers may steal your messages, files, contacts, or even take over your account entirely.

According to a February 2026 security research firm CYFIRMA, threat actors are actively exploiting Telegram’s QR code login and authorization prompts to compromise large numbers of accounts globally through session hijacking and credential theft. And while you can take the necessary precautions to keep yourself safe while using the messaging app, you can still lose messages, files, or your whole account to a particularly skilled hacker.

Can someone hack your Telegram?

Unfortunately, hackers can definitely hack your Telegram account. As a general rule, all online accounts are susceptible to hacking. This includes Telegram. Used by millions of people worldwide, the app is an attractive target to hackers looking to mass-exploit a vulnerability in the system for their own gain.

But aside from the cybersecurity risk, one of the easiest ways to steal a Telegram account is by gaining physical access to an unlocked device with the app on. There’s very little that Telegram’s internal security features can do in the face of device theft. Even the company admits that they can’t protect you in that situation unless you take immediate action to restore your account.

Your Telegram account can also be hacked through more “traditional” means, like phishing, malicious software like spyware, and man-in-the-middle (MITM) attacks. At the end of the day, Telegram is a messaging app like any other, and you need to be careful about your online activity to avoid increasing your risk of attack.

Don’t fall for phishing messages

Before following through on a suspicious Telegram message, run it through Moonlock’s Scam Detector to check it for signs of a scam or social engineering.
TRY 7 DAYS FREE

How secure is Telegram?

Telegram’s reputation is mainly based on users’ perceptions derived from its messaging features. And when compared to WhatsApp and Signal, most experts say that Telegram sits between these two apps in terms of privacy and security.

When it comes to encryption, Telegram only uses E2E encryption for messages sent in Secret Chat mode. The app encrypts common messages sent over the cloud using client-server/server-client encryption developed in-house. The encryption cannot be verified externally to test its security, raising eyebrows among security experts including Moxie Marlinspike, the founder of Signal.

Furthermore, Telegram does not turn on Secret Chat by default. Users need to open their profile and tap Start Secret Chat to use this feature.

How to turn on Secret Chat in Telegram: Screenshot 1
How to turn on Secret Chat in Telegram: Screenshot 2

Like Snapchat, Telegram provides message self-destruct capabilities with this feature. WhatsApp, on the other hand, uses end-to-end encryption E2E with three keys for all its messages. This encryption protocol is the same as the one Signal uses.

Regarding privacy and your data, WhatsApp collects and gathers a lot of your personal data. This includes location, IP address, contacts, updates, ISP details, mobile phone model, purchase history, crash data, performance, and interaction data. By contrast, Telegram only asks for your phone number, email, and contact info and keeps primary data on your contacts. Finally, Signal only asks for a phone number.

In other words, Telegram’s encryption is weaker than Signal and is not always turned on like WhatsApp. And while Telegram has tighter privacy policies for your data, they do not outperform those used by Signal.

In late 2024, after Pavel Durov’s arrest in France, Telegram broadened its privacy policy and willingness to collaborate with law enforcement. It states that it may disclose rule-breaking users’ IP addresses and phone numbers upon receiving valid judicial orders. As of June 2026, there hasn’t been a withdrawal or reversal of this policy change, so it can be assumed that it remains in effect.

Risks and consequences of a hacked Telegram account

Depending on how long and for what purpose you’ve been using Telegram, the risks and consequences of your account being compromised can range from an inconvenience to major damage to your finances, reputation, and mental health, including:

  • Exposing private conversations: Anyone who has access to your Telegram account can view and share all your past conversations, with the exception of Secret Chats, where a self-destruction timer has been set.
  • Identity theft and impersonation: A hacker can continue to use your Telegram account as if they were you. They can talk to your contacts and ask them for money, account passwords, or other sensitive information.
  • Losing linked accounts: If you use Telegram to log in to other accounts or services, you might lose access to those, as well.
  • Access to shared media and files: Any files, photos, videos, or audio clips you have shared via Telegram messaging can be accessed by the hackers. They might choose to leak your personal media or blackmail you into keeping it private.
  • Telegram channel/group takeover: Hackers may remove administrators or alter content in a Telegram group to scam members or sell access to an established audience.
  • Financial losses: Attackers can take advantage of connected payment bots or services to get users to spend Telegram Stars or trick users into accepting fake Telegram Premium offers.

Is hacking a Telegram group common?

Hacking Telegram groups is not uncommon. Telegram groups can have up to 200,000 members, making them very attractive tools for cybercriminals to run their campaigns.

Common scams used in hacked Telegram groups include:

  • Fake Telegram groups
  • Crypto scams
  • Phishing scams
  • Tech support scams
  • Cryptocurrency giveaways
  • Ad scams
  • Fake jobs, fake interview requests
  • Group phishing

Additionally, by default, anyone can add you to a group without your permission. You can opt out of this option by going to your Settings and navigating to Privacy and Security > Groups & Channels, and changing Who Can Add Me to My Contacts only.

Set who can add you to Telegram groups without your permission: Screenshot 1
Set who can add you to Telegram groups without your permission: Screenshot 2

Can you get hacked through a Telegram bot?

If you have reason to think, “My telegram account is hacked,” you should learn how bots work in Telegram.

Any person with a telephone number can create a Telegram account, and with that privilege, they can easily create an AI-driven bot. Telegram bots use natural language processing and AI to create human-like conversations. This automation allows scammers to expand their reach instantly and significantly.

Using bots, cybercriminals can pose as banks, financial institutions, account login and security teams, and digital service providers like PayPal, Apple Pay, Google Pay, and others. Furthermore, they can reach thousands or millions of users with bots. These bots will try to trick users into giving away sensitive information, financial data, passwords, and other critical details.

To stay safe from malicious Telegram bots:

  • Double-check the source of any message your get.
  • Be suspicious of messages that sound urgent.
  • Never share passwords or personal data online.

Chats with bots aren’t E2E encrypted. So when the bot impersonates banks or support agents, they can redirect all your messages to the malicious individual behind them. Telegram’s Bot API uses HTTPS/TLS to communicate, rather than Telegram Secret Chat’s E2E. In groups, what a bot receives depends on its permissions and privacy settings, all of which can be controlled by its creator.

To stay safe around Telegram bots:

  • Verify the bot’s username and purpose.
  • Never share passwords, codes, or financial details with bots.
  • Avoid clicking on suspicious links.
  • Check unfamiliar sessions and unauthorized third-party Telegram clients by tapping on Settings, then Devices.

Is it possible for someone to hack my phone through Telegram?

Yes, it is indeed possible to hack a phone through Telegram. End-to-end encryption is enabled for individual chats, but phishing links with social engineering tactics could be used to trick you into downloading malware onto your device.

Telegram would merely be the “vehicle” used to introduce malware onto your phone. Once the malware is there, it can begin installing its own apps or stealing your sensitive data. On Android, fake Telegram APKs can install infostealers or spyware to track everything the user does on their phone. Meanwhile, on PC or Mac, malware can copy Telegram Desktop’s “tdata” folder, potentially allowing the attackers to hijack your Telegram session.

Be extremely cautious if you are sent a link, even if it’s from somebody you think you know well. Like any other messaging app, Telegram isn’t 100% safe from hackers and never will be. The iOS version is more restricted and offers more protection, but malicious enterprise-signed apps and jailbroken devices can pose a risk. Always treat unexpected links or downloads with great suspicion.

Common ways to hack a Telegram account

There are many ways that your Telegram account can be hacked, some easier to evade than others. Illegal methods include phishing, malware, or stolen verification codes and passwords. However, the use of parental control and monitoring apps can also be considered a form of spyware if they’re installed on the device without proper permission.

Most Telegram hacks don’t try to break the app’s encryption or brute-force guess a user’s password. Here are a few of the methods used instead:

  • QR-code phishing and linked-device abuse: Fake login pages that look identical to the real thing will show a Telegram QR code and prompt the user to scan it to log in. Scanning it, however, authorizes the attacker’s session, allowing them to unlock your account and use it through their device.
  • SMS interception and SIM swapping: Criminals contact your cell provider to transfer your number to a SIM they control, enabling them to receive your Telegram verification codes. In 2025, the FBI recorded 971 SIM-swap complaints and $17.4 million in losses.
  • State-level interception: It’s not always malicious individuals looking to access a Telegram account. Sometimes, intelligence services or authoritarian governments pressure telecom companies to intercept SMS authentication to access the Telegram account of a person of interest.
  • Desktop session theft: Infostealers, such as RedLine, Raccoon, and Phemedrone, are a type of malware that steals application data by copying Telegram Desktop’s “tdata” folder, including its active sessions. In 2024, Imperva found malicious PyPI packages doing this to infected devices.
  • EvilVideo: On Telegram Android versions 10.14.4 or earlier, malicious APKs could appear as video files. This was a flaw that Telegram patched in newer versions as of July 2024.
  • Fake APKs, phishing, and spyware: Using unofficial Telegram installers could introduce the risk of malware. Similarly, phishing, call forwarding, and monitoring apps can also be used to expose poorly secured Telegram accounts.

Don’t allow Telegram’s built-in encryption to give you a false sense of security. Criminals usually don’t attempt to brute-force their way in. Instead, phishing and social engineering techniques are used. 

Making sure your Telegram account is safe goes hand-in-hand with making sure your devices are clean of malware and spyware. That’s why it’s essential to regularly scan your Mac for potential malware with a trusted anti-malware solution.

Screenshot of Moonlock, a Mac security app: The Malware Scanner screen.

Here’s how to do it:

  1. Start a 7-day free trial of Moonlock.
  2. Open Moonlock and run the Malware Scanner tool.
  3. Set your preference to Deep Scan.
  4. Moonlock will scan your device for threats. Anything suspicious will be moved to Quarantine.

From there, you can review Quarantine on your own schedule, see the threats that have been located, and remove them from your device entirely.

Screenshot of Moonlock, a Mac security app: The malware scan results screen.

How to check if your Telegram account has been hacked

In most cases, you don’t immediately get kicked out of your account if it gets hacked. But there are a few warning signs leading up to a full account takeover that you should keep an eye out for.

You’re unexpectedly logged out

24 hours after gaining access, an attacker can terminate your session to log you out of your own Telegram account. If that happens, you need to log back in immediately before they change the password and account recovery details.

Login codes you didn’t request

Receiving emails or texts with password reset codes that you didn’t request might be a sign that someone is trying to access your account from another device. If you receive 2FA codes, it means someone already has your password, and verification codes are keeping them out. Immediately log in and change your password if that’s the case.

Unknown active sessions

If you find an unfamiliar active session on your device, immediately terminate it, even if it’s in the same city as you. The attacker could be using a VPN to appear less suspicious.

Changes in your profile

A changed username, photo, or bio, or a newly added link, could indicate that someone is using your Telegram account and tampering with your profile. Terminate all sessions and reset your password, then make sure to restore all your profile’s original details.

Joining unfamiliar Telegram groups

An attacker might use your account to distribute spam or scams on Telegram groups. They could also scam you for money through unfamiliar groups. You should immediately leave the group and resecure your account.

Contacts receiving messages you didn’t send

The attacker might be impersonating you to your contacts, requesting money and codes, or sending them links. Warn your contacts through a separate communication channel, like WhatsApp or text message, and recover your account from the hacker.

You can’t log in

If you’re too late, the hacker might’ve already changed your password, phone number, and account recovery details. You’ll need to immediately contact Telegram Support to start the process of recovering your account if it’s still possible.

Your security and recovery settings have changed

An attacker might enable 2FA when you haven’t had it enabled before, replace your recovery email, or adjust your account’s security settings to better control your account. Regularly review your Telegram account’s Privacy and Security settings and restore anything that was changed.

What to do if your Telegram has been hacked

There are several things you can do if you think your Telegram has been hacked. These range from removing devices from your account to enabling and strengthening your passcode lock option, activating two-factor authentication, changing your phone number, or even deleting your account if necessary.

As a security precaution, Telegram prevents newly logged-in devices from terminating older sessions for the first 24 hours. That way, if you act quickly following unauthorized access to your account, you can kick the intruder out without losing your account.

If you still have access to your Telegram account

If you can still access your Telegram account through a trusted device, act immediately to strengthen your defenses and kick the attacker out before they take over your account.

Set up a passcode and 2FA in Telegram

Setting two-factor authentication and a passcode in Telegram is very simple and an excellent way to increase your security. If anyone gets access to your account or your phone, they will need to know your passcode or password to verify their identity.

To set up a passcode for Telegram:

  1. Open the Telegram app.
  2. Go to Settings. Then go to Privacy and Security.
  3. Select Passcode & Face ID for iPhone models or Passcode & TouchID for older iPhone models. On Android devices, select Passcode Lock.
  4. Tap Turn Passcode On and enter a numerical passcode that will lock your Telegram app.
  5. Select Passcode options if you want to switch between a four-digit or six-digit passcode.
  6. Now select the Auto-lock option to customize the duration for the lock. It can be anything from 1 minute to 1 hour or longer.
How to set up a passcode for Telegram: Screenshot 1
How to set up a passcode for Telegram: Screenshot 2

To set up 2FA in Telegram:

  1. Go to Settings. Then go to Privacy and Security.
  2. Select Two-Step Verification.
  3. Set a password.
  4. Add a hint to your password.
  5. Now enter a recovery email to get your verification code.
  6. Enter the code sent to your email.
  7. Your 2FA should now be active.

Remove suspicious devices from your Telegram

To remove devices from your Telegram account:

  1. Open the Telegram app.
  2. Go to Settings, then Devices. You will see a list of devices that are using your Telegram account.
  3. If you see an unknown device, tap the device’s name.
  4. Select Terminate Session to remove it from your Telegram account. Additionally, you can toggle the option to disable incoming calls for the device.
How to remove devices from my Telegram: Screenshot 1
How to remove devices from my Telegram: Screenshot 2

You’re not going to find the hacker’s full name and home address in their active session. However, each session contains information on the IP address, general location, and when the session was last active. It’ll also have information on the type of device used to access Telegram, whether it’s a web app or a mobile app.

This information is unlikely to help you identify the hacker, since they’ll likely be using a VPN or proxy, but it can be very useful in determining which sessions aren’t yours. You should terminate all unfamiliar and old sessions to minimize risk.

Notify your Telegram contacts after a hack to prevent scams

If your account has been hacked, there’s often very little you can do to restore it before a hacker gets access to all your data. Your best option is to minimize the damage by informing everyone on your contact list, either through text messages, calls, or other social media platforms, that your Telegram account has been hacked.

This can help prevent impersonation or identity fraud. Also, your contacts can delete any private messages or shared media from their accounts, hopefully before the hacker gets to them.

Use a separate, trusted channel, such as SMS or WhatsApp, to warn your contacts of your compromised Telegram account. Stress that they shouldn’t click on any links sent from “your” account, send money, or share codes.

Recover Telegram if your phone was stolen

If someone has stolen your phone, you should take immediate action. Whoever has your phone number also effectively has your Telegram account. However, you can still log in to your account on another device and try to salvage the account.

Here’s what to do if you lose your phone:

  1. Go to Settings, then Devices (or Privacy and Security > Active Sessions), and terminate your Telegram session on the old device. The person who stole your phone will not be able to log in again, since they need the password. 
  2. Contact your phone provider and ask them to block your old SIM and issue you a new one. To switch to a new phone number, go to Settings, tap on your phone number, and change your Telegram number. This will send new verification codes via SMS. 

Note that if you have 2FA already enabled and you remember the password, the recovery process is much easier, even if you still don’t have access to your SIM card.

Recover your account if you are completely locked out of Telegram

If you find yourself completely locked out of your account, you should immediately try to log in again:

  1. Open Telegram, enter your phone number, and request a new SMS code.
  2. Enter the code and your 2FA password, if enabled.
  3. Once inside, go to Settings, then Devices to terminate all other sessions.

Once you start the recovery process, you need to finish it quickly. All active sessions, including the hacker’s session, will receive notice of the login attempt, and they might try to lock you out again.

If the attacker has set up a different 2FA, use your recovery email or phone number to bypass it or start Telegram’s 7-day account recovery reset process.

How can you report a hacked Telegram account?

Reporting a hacked Telegram account is the essential next step. However, Telegram’s method of letting people report compromised accounts is rather unusual. 

You are asked to send the username of the hacked account to a Telegram bot called “notoscam.”

Here’s how to do it:

  • First, look for the @notoscam bot on Telegram. You’ll see the @notoscam account (with the official blue checkmark) in the search results. Ironically, multiple fake accounts also appear in the search results. Choose the one with the blue checkmark.
  • When the chat window opens, enter the details of the hacked account you want to report. The bot will not reply immediately to your message, so you may wonder if it worked or not. But Telegram insists that this is the correct way to report a scam or a hacked account.

Another option is to go to Settings, Ask a Question, then Skip to Volunteers. Or, if you’re completely locked out, submit your account details to Telegram’s support web portal at telegram.org/support. There is also an email address, [email protected], but this appears to be specifically for accounts that are abusing and harassing users. If going through the notoscam bot doesn’t work, try the email address.

How to prevent your Telegram account from being hacked

You should never have to go through the headache of getting hacked, having your Telegram account stolen, or getting malware on your iPhone. You can avoid becoming a statistic or becoming a victim again by taking certain actions.

A screenshot of Telegram's settings page.
A screenshot of the Privacy and Security settings in Telegram, including the Two-Step Verification option.

Here’s what you can do to prevent your Telegram account from being hacked:

  • Enable 2-factor authentication: In Telegram, 2-factor authentication is known as Two-Step Verification. (For instructions on how to enable this feature, refer to the previous section in this article.)
  • Don’t respond to messages asking for codes: If the hacker tries to register their own phone number on your account or needs your 2FA codes, they may try to use social engineering to trick you into giving them up. Never reveal those codes to anyone.
  • Don’t click any links from unknown contacts: The main way for a hacker to gain access to a Telegram account is through malware-infected links. Don’t click links inside messages.
  • Install all Telegram updates: Hackers may find it easier to gain access to your Telegram account if there is an unpatched vulnerability in the Telegram app. When new updates appear in the iOS App Store, install them immediately.
  • Don’t share personal information: The more information a hacker has on you, the more easily he can take over your identity — and your Telegram account. If you don’t share personal information about yourself, you leave them with nothing to work with.
  • Lock your Telegram app: Add an additional security layer to your Telegram by including a password or biometrics when opening the app on your phone.
  • Never scan unverified QR codes: Malicious Telegram QR codes can lead you to fake login pages or drive-by download malware and spyware on your device.
  • Set a SIM PIN: Secure your SIM card by setting a unique PIN code that prevents it from being used on other phones, even if it was physically stolen.
  • Review active sessions: Regularly check active sessions on your device and terminate anything unfamiliar or anything you no longer use. Also, enable auto-termination for inactive sessions.
  • Use the official Telegram app: Third-party or cracked Telegram apps can contain malware or backdoors, so avoid them in favor of the official app.
  • Use Scam Detector: Before responding to any suspicious messages, check them using Moonlock’s Scam Detector for the likelihood of being a scam.
Screenshot of Moonlock, Moonlock Scam Detector message

How to delete a Telegram account

If all else fails, you can delete your account via the deactivation page. This is a permanent and irreversible process that will delete all your messages, content, and contacts, including your groups and channels.

Once you enter your phone number on the deactivation page, you will be sent a code to your Telegram account, which you will need to use to confirm the deleted account. Additionally, Telegram accounts self-destruct if you do not go online for at least six months.

Telegram stands out from other messaging apps thanks to its many features. AI bots, massive groups, channels, and even self-destructive secret chats are some features that Telegram users love. However, hacked Telegram accounts are far from uncommon. Make sure to stay informed of known Telegram scams, turn on passcodes and 2FA, and be cautious when interacting with suspicious messages.

MoonLock Banner
#Messenger
Ray Fernandez

Ray Fernandez

Ray has been covering tech and cybersecurity for over 15 years. His work has appeared on TechRepublic, VentureBeat, Forbes, Entrepreneur, and the Microsoft Blog, among others.
Promo Banner

You might also like

Has your Gmail been hacked? Here's how to tell and how to recover your account (Header image)
Has your Gmail been hacked? Here’s how to tell and how to recover your account
Jun 25, 2026
18 min read
Snapchat hacked? Signs to watch for and how to recover
Snapchat hacked? Signs to watch for and how to recover your account
May 30, 2026
13 min read
How smishing works and how to spot a smishing attack: Header image
How smishing works and how to spot a smishing attack
May 16, 2026
17 min read