Investigation Reveals Telegram Servers Owned by FSB Contractor

The infrastructure of the Telegram messenger is maintained by companies reportedly collaborating with Russian security agencies, raising concerns about potential user surveillance.

This information comes from an investigation conducted by Vazhnyye Istorii into the inner workings of the platform.

According to the investigation, in 2018, Telegram Corp, owned by Pavel Durov, transferred the rights and responsibilities for managing its infrastructure to Global Network Management (GNM), a company registered in Antigua and Barbuda.

The agreement on behalf of GNM was signed by Vladimir Vedeneev, who simultaneously held the position of Chief Financial Officer at Telegram.

GNM provided Telegram with over 10,000 IP addresses, and according to his testimony in a U.S. court, Vedeneev is responsible for establishing and maintaining the messenger’s infrastructure. Many of GNM’s IP addresses previously belonged to the St. Petersburg-based company Globalnet, which has ties to the Kremlin and the Federal Security Service of the Russian Federation (FSB). Vedeneev was also a beneficiary of this company, but in 2024, he transferred ownership to his relatives.

Overall, half of GNM’s employees are based in Russia, where the company has an office in St. Petersburg.

Another St. Petersburg company, Electrontelecom, supplied Telegram with 5,000 IP addresses. This company is an FSB contractor and provides installation and maintenance of secure communication systems for special operations.

In 2022, Globalnet also installed user traffic monitoring systems at the request of the Federal Service for Supervision of Communications, Information Technology and Mass Media ‘Roskomnadzor’.

This indicates that companies connected to Telegram’s infrastructure cooperate with Russian security agencies, which have access to user data.

Why is this dangerous?

Unlike WhatsApp and Signal, Telegram chats do not have end-to-end encryption by default. Messages are decrypted and stored on servers that are accessible to the companies maintaining the infrastructure.

Each message in Telegram contains a unique device identifier (auth_key_id), which allows the user’s device to be identified and the decryption key to be matched.

Accordingly, if companies cooperating with the Federal Security Service of the Russian Federation have access to Telegram traffic, this could be used for widespread surveillance of users, including tracking their locations and contacts.

“We know that Russia has SORM (a system through which Russian security agencies monitor phone calls and users’ internet activity — editor’s note). Every internet provider is required to install it within their infrastructure. This way, Russian security agencies have access to the traffic passing through the provider. They can monitor, store, and later analyze this traffic,” explains Vozniak.

This applies not only to Russia but also to the occupied territories of Ukraine. The messenger’s protocol allows Russian security agencies to identify device identifiers in all locations where Russian law enforcement has access to internet infrastructure.

Because Pavel Durov transferred the management of the entire messenger infrastructure to a single company that is effectively based in Russia, the data of other Telegram users worldwide is also at risk.

Durov’s Ties to Russia

Telegram officially denies that its contractors have access to user data or critical infrastructure, and asserts that it has no servers or employees in Russia.

However, the investigation indicates that the companies servicing Telegram’s servers are closely linked to the Federal Security Service of the Russian Federation, and Durov himself has repeatedly visited Russia after 2014, despite claims of being “exiled.”

In particular, according to leaked FSB records, Durov made over 50 trips to Russia between 2015 and 2021.

Cases of Russian Security Services Accessing Telegram Data

In recent years, numerous reports have emerged indicating that Russian security agencies have gained access to Telegram user data without physical access to their devices or hacking.

In 2023, The Wired published the stories of several Russian activists who faced persecution for participating in anti-war protests and discussing resistance actions.

According to their accounts, messages in “secret” chats were found to have been read even though the recipients had not opened them. In one case, a police officer quoted a detained activist’s messages sent to comrades on Telegram shortly before a search.

A new case has recently come to light. The human rights project Pervyy Otdel, which provides assistance to those accused of treason, reported that the Federal Security Service of the Russian Federation had gained access to messages Russians had sent to bots of Ukrainian Telegram channels, including Crimean Wind, Military Prophet, and others.

According to documents, Russian security services monitored users’ correspondence with administrators of Ukrainian channels for at least a year before criminal proceedings were initiated.

This effectively rules out the possibility of access through the suspected individuals’ devices. The fact that users were located in various regions of Russia suggests that the Telegram bots and channels were likely being monitored directly by the security forces, recording all communications from Russian citizens.