They stole all my telegram channels with 50k+ subscribers. Returned after a month. Action plan

Short description

The article recounts a story of channel theft from Telegram and provides a step-by-step plan to recover from it. The author received a strange message asking for advertising placement that required the post to be found in a sent archive. After downloading and opening the file, they lost access to all blogs and channels, and their profile was reset. The author advises not to panic and to contact Telegram support to report the incident. Activating two-factor authentication and resetting all active sessions are some preventive measures. Collaborating with other bloggers and not opening files of questionable origin are also recommended.

They stole all my telegram channels with 50k+ subscribers. Returned after a month. Action plan

Hello, champion!

Let’s assume that the reader of this article encountered the theft of his access to the channel’s telegrams. I will briefly tell my story of channel theft and give a step-by-step action plan on how to return the stolen access and what to do so that it does not happen again.

⚠️ Do not download or open the archives sent!

On the evening of January 8, a message was received from the Yandex advertising manager requesting the purchase of advertising (post placement). The conditions are strange. The post itself must be found in the sent archive. I read the dialogue from the phone. Of course, it’s lava I thought, and closed the dialogue, asking to send the post by text.

🔫 Automatic download of files from Telegram.

The next day. On the morning of January 9, I sat down at the laptop to work. Suddenly I notice that yesterday’s dialogue immediately woke up. Still asks to see what black box in the archive? I open the dialogue already on the laptop. The sent file is automatically downloaded and opened through Telegram settings. (If I don’t give it a value, I’ll lose all access in an hour). I noticed that the password in the Telegram cloud is tied to someone else’s mail. Realizing that something was wrong, I reset all active sessions. Among them, by the way, there was one stranger. (Honestly, maybe I accidentally clicked on the downloaded archive when I noticed it, I don’t remember for sure). Windows OS.

The reaction above did not help. Soon I will lose all access to blogs and channels. And I can’t even log into Telegram anymore. After restoring access by number, I get a clean profile with a remote correspondence history. Completely clean profile. And all my blogs have closed comments. Completely isolated. And most importantly, my own blog about Data Science is no longer mine.

💎 So this is a trendy divorce!

After a while, I find out that this turns out to be one of the very popular divorces. And very high-quality, if even big techno bloggers apply for it. Where was their two factor authentication?

My piece of correspondence and my blogger friends with a similar situation.

👩‍💻 Let’s say you’re still bloated. What shall I do?

Here is a list of what I did and I think it was the most helpful.

  • No panic. All access is complete really returnBut you have to act quickly.

  • We are writing for support and explain in detail what happened. An example of a letter and mail is below. Do not forget to include the name of the channel and the number of the owner. You can write in English and Russian. Because telegram support is spread all over the world.

Hello, my account nick_name (phone_number) was removed from me who was entitled to my @datafeeling channel. It happened on January 9th (2023)

Here is how it was. The archive was by me in private messages. After the archive ended, after a few days, I lost access to my account and channels. I am ready to provide any evidence, screenshots and confirm ownership of the account. Please return access to my account to phone_number. Thank you!

A place to write somewhere. Telegrams have other support mails but they didn’t work.

  • We are creating a new channel, where we write a post explaining what happened. Ideally with proof that it’s real. We tell our audience in any way possiblethat you have been hacked. (through your friends, subscribers and other sources). I was helped by blogger friends from my topic.

  • Friends please duplicate support information. I don’t know if there is prioritization depending on the premium subscription, but the final answer came to the friend without the premium subscription.

  • We start asking acquaintances to write strikes (complaints) about the stolen channel and indicate the reason – fraud. If they start advertising some kind of scam through your channel, consider yourself lucky. Get access back faster. If not, the response of Telegram support will be slower.

🥁 Was it returned quickly? I waited for a month.

Someone is returned in a matter of hours. Someone in a few weeks. It took me a month. Luckily, I’ve been on fire with work and projects all this month, so there hasn’t been much time to think about the main blog.

I wrote all my thoughts and news in the second mini-blog, which after a week was 10% of the number of the main one. Thanks friends.

🎯 Tough times call for tough decisions. What helped?

Almost a month later, I realized that I needed to make a new move and regain access. So far I have had 40 support letters. ~150 strikes were thrown on the old channel, two meetings were held with employees of the truckBut there was still no response from support. Well, let’s make a contest with a prize!

All accesses will be returned to me within a day

🧠 Prevention. Risks. Laifaks

Now I’m going to make it very difficult to break you.

  • Activate two-factor authentication. This is a matter of one minute, which in no way affects the convenience of using telegrams. But it will be very difficult to break you. A very profitable investment.

  • Did you feel that something was wrong? Reset all active sessions. In my case, this prevented my channel from being used for further fraud.

  • The owner’s account does not appear anywhere blog or chat. Create another account to communicate with the community or advertisers. Such an account will lead to fewer problems in the event of a hack. Set up two-factor on it too!

  • If you have a grid of several chats/groups, then give admin to trusted friends, relatives or employees. Yes, in the event of a hack, you will still have the opportunity to influence the situation. Personally, this approach helped me continue to accept applications for advertising on other blogs where my owner account was removed all month.

  • Collaborate with bloggers of your topic. Do not be afraid to tell the audience about colleagues “on the shop floor”. So you can notify your audience through other bloggers in case of a problem. I don’t know what I would have done without this item.

  • Do not download or open files of questionable origin that are sent! You can even turn off auto-download to further reduce your risks.

Thank you for attention! Good luck!

Related posts