this post was submitted on 17 Jun 2026
69 points (98.6% liked)

Technology

85515 readers
5116 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
69
How a Single Rogue BGP Announcement Took Telegram Offline Across Three Continents (thecybersecguru.com)
submitted 15 hours ago* (last edited 15 hours ago) by WPSteam@lemmy.world to c/technology@lemmy.world
2 comments fedilink hide all child comments
 

Telegram faced major connectivity disruptions after researchers reported that Reliance Communications’ AS18101 allegedly announced Telegram’s 91.108.56.0/22 IP prefix, a route normally originated by Telegram’s AS62041. The announcement reportedly spread through FLAG Telecom and reached international peers, causing Telegram traffic in India and parts of the UAE, Europe, and Asia to be misrouted or dropped.

The incident came around the same time as India’s temporary Telegram restriction linked to NEET exam security, but the network-layer impact went far beyond a domestic block. Researchers say the route should have been flagged as RPKI-invalid and filtered, raising fresh concerns about weak BGP security enforcement, poor route filtering, and how a single unauthorized routing announcement can disrupt a major platform across borders.

top 2 comments
sorted by: hot top controversial new old
[–] WPSteam@lemmy.world 3 points 4 hours ago

Regarding announcing more specific prefixes — we did exactly that, and Reliance responded with even more specific ones. That’s when we realized this might not be incompetence, but malevolence.

https://x.com/durov/status/2067241316463886549

Durov's Reply to the BGP Prefix issue

[–] ravenaspiring@sh.itjust.works 18 points 14 hours ago* (last edited 14 hours ago)

The “misconfigured local block gone global” theory goes like this: Reliance was trying to comply with India’s Section 69A blocking order for Telegram. To implement the block domestically, they configured a null route for Telegram’s IP prefixes – traffic from Indian users heading to 91.108.56.0/22 gets redirected to a dead end. Normal ISP blocking procedure.

But somewhere in that configuration, instead of just inserting a null route in their internal routing tables, they accidentally originated a BGP announcement for the prefix – telling the world, via FLAG, that they were the legitimate destination for Telegram’s traffic. The internal block leaked into the global routing table.

This is technically plausible. BGP misconfigurations do happen. The internet has seen accidental route leaks before. Pakistan Telecom knocked YouTube offline globally in 2008 with exactly this kind of mistake. Human error in complex network configurations is real.

But there are a few things that make pure-accident harder to swallow here.

First, the announcement persisted. Multiple researchers spotted it, documented it, and publicly reported it. Network operators contacted FLAG Telecom. The incident was visible in public routing data. Yet it stayed live for an extended period. Accidents get cleaned up faster when there’s external pressure and the error is obvious.

Second, the timing. The government ban announcement, followed immediately by a technically sophisticated routing manipulation that happened to push users toward a blackhole rather than a redirect, followed by slow remediation – this sequence is either a spectacular coincidence or it isn’t.

Third, the competitive context. Reliance Jio and RCom share common ownership threads with Mukesh Ambani’s broader business empire, which has a strategic partnership with Meta – the company behind WhatsApp, Telegram’s primary competitor in India. Telegram’s growth in India has been directly at WhatsApp’s expense. A platform disruption that makes Telegram unreliable while WhatsApp continues working normally is commercially convenient for a Meta-aligned entity.

None of this proves intent. But “we accidentally configured a global BGP hijack of our primary competitor’s IP space and then didn’t fix it quickly when people noticed” is a story that requires you to accept a lot of charitable coincidences stacking up simultaneously.