Investigation: FSB-linked individuals responsible for Telegram infrastructure
10 June 2025 20:40
Telegram’s infrastructure is run by people who serve the secret complexes of the Russian special services used to monitor citizens. This is stated in an investigation by Important Stories, the Russian partner of the Project on Corruption and Organized Crime Investigation (OCCRP), "Komersant Ukrainian" reports.
The investigation refutes the claims of Telegram founder Pavel Durov that he was expelled from Russia and never returned. In fact, he visited Russia more than 50 times between 2015 and 2021. In addition, after the ban of the TON cryptocurrency in the United States, Durov received funding from Russian state banks and oligarchs, including VTB and Alfa Capital.
As for Telegram’s security, the problem is the encryption of messages – or lack thereof. Only about 2% of users use secret chats with end-to-end encryption, while regular chats are stored on servers in decrypted form.
Even in secret chats, the device identifier (auth_key_id), as well as other user tracking information, including IP address and time of message sending, is transmitted in clear text. This information can be easily accessed by the company through which the messenger traffic passes. You can read more about this in the blog of Michał Wozniak, a digital security expert with over 20 years of experience.
According to the investigation, Telegram users’ messages are sent to the servers of Global Network Management (GNM), a company formally registered in the Caribbean islands of Antigua and Barbuda, but actually managed from Russia. This company provided Telegram with more than 10 thousand IP addresses.
Documents from a court case in Florida between GNM and the contractor revealed that the company’s owner is Vladimir Vedeneyev, a native of Togliatti, and half of its employees are based in Russia. During the trial, Vedeneyev claimed that he was the only one who had access to Telegram’s servers in Miami, which jeopardized the security of users around the world.
Even more interestingly, Vedeneyev previously owned the Russian telecom operator Globalnet, which provided Telegram with direct access to Russian infrastructure and had ties to the FSB and the GlavNIVC think tank, which is involved in mass surveillance.
“Globalnet was the first operator to implement a system for monitoring user traffic using Deep Packet Inspection at the request of Roskomnadzor. At the same time, Russia announced an agreement with Durov, as Telegram installed equipment that allows it to “monitor all dangerous entities.”
Another company of Vedeneyev’s, Electrotelecom, served secret FSB facilities in St. Petersburg and provided the transmission of “special information.” It also provided Telegram with about 5,000 IP addresses.
Overall, this means that Telegram’s infrastructure is run by companies closely linked to the Russian government and the FSB, which makes it much easier to monitor the service’s users.
According to Michał Wozniak, device identifiers pose a serious threat if people collaborating with Russian special services have access to traffic.
“I am shocked, but not surprised. If someone has access to Telegram traffic and cooperates with Russian special services, the device identifier becomes a powerful tool for global surveillance of messenger users, regardless of their location or connection to the server,” Wozniak says.
