India banned Telegram on June 17 after the app was used to leak Class 12 exam papers, and the disruption spread to the UAE via a BGP hijacking attack attributed to Reliance Jio. Here’s how the ban works, why it’s failing, and the technical bypasses—including MTProto proxies—that are keeping the app alive.
Telegram’s global outage wasn’t just a local ban. Reliance Jio’s BGP hijacking—confirmed by Durov as a “large-scale attack”—redirected Telegram’s traffic through Jio’s network, cutting off users in the UAE, Europe, and beyond. The attack exploited BGP’s path-vector routing, a protocol designed for internet scalability but frequently abused in state-sponsored disruptions. “This is textbook BGP hijacking as a censorship tool,” said Raffael Marty, CTO of Anomali, in an interview. “The fact it crossed borders proves how fragile global routing remains.”
The ban itself is a Section 69A order under India’s IT Act, targeting Telegram’s failure to comply with traceability demands—a legal gray area since the app uses MTProto’s end-to-end encryption. The UAE, however, has no official ban. Its disruption stems from Jio’s hijacking, which Telegram’s open-source clients automatically reroute around—unless users are on Jio’s network or behind ISP-level filtering.
Why the BGP Hijacking Worked—and How Telegram’s Code Fails Users
BGP hijacking relies on asymmetric routing: while Telegram’s servers route traffic normally, hijacked paths force clients to use Jio’s gateways. The attack succeeded because:
- No DNS-level blocking: Telegram’s DNS records (e.g.,
web.telegram.org) weren’t tampered with—only the underlying IP routes. This means standard DNS-over-HTTPS (DoH) bypasses fail. - MTProto’s default fallback: Telegram’s clients retry connections via DC (Data Center) load balancing, but Jio’s hijack forced them to use a single DC in India. “The protocol’s resilience is only as strong as its weakest DC link,” noted Moxie Marlinspike, founder of Signal, in a tweet thread.
- No transport-layer mitigation: Telegram doesn’t use QUIC or HTTP/3, which could detect hijacked paths via connection resets.
“Telegram’s reliance on BGP for redundancy is a double-edged sword. It’s why the app scales globally, but also why it’s vulnerable to this kind of attack. The fix isn’t just proxies—it’s protocol-level changes.”
—Dr. Vern Paxson, UC Berkeley professor and ICIR researcher
The MTProto Proxy Workaround: How It Works (and Why It’s Risky)
Users in affected regions are bypassing the hijack via MTProto proxies, which tunnel traffic through third-party servers. Here’s the breakdown:
| Method | Latency Penalty | Security Risk | Setup Complexity |
|---|---|---|---|
| Telegram’s Official Proxy List | +150–300ms (varies by region) | Low (vetted by Telegram) | Moderate (requires manual config) |
| Third-party MTProto proxies (e.g., mtproto.org) | +200–500ms | Medium (unvetted operators) | Low (one-click clients like Telegram X) |
| VPN + Telegram (e.g., ProtonVPN) | +300–800ms | High (VPN logs, potential leaks) | Low (app-based) |
The most effective bypass is Telegram’s built-in proxy support, which routes traffic through alternative DCs. However, this requires manual configuration in the app’s settings:
proxy-type: mtproto
proxy-address: proxy.mtproto.org
proxy-port: 443
Third-party proxies, while easier, introduce risks: some log traffic or inject ads. “The trade-off is clear,” said Nadim Kobeissi, founder of Cryptocat. “Convenience vs. trust. For activists, the official list is safer—but slower.”
How This Ban Escalates the Global Tech Cold War
The incident exposes three critical fault lines:
- BGP as a censorship weapon: Reliance Jio’s attack mirrors Iran’s 2022 hijacking of Cloudflare, proving how BGP’s lack of authentication enables state-level disruptions. “This isn’t just India vs. Telegram—it’s a test of whether routing protocols can be weaponized at scale,” said Marty.
- Encryption vs. traceability: India’s demand for Telegram to break E2EE clashes with global trends like the EU’s DMA, which prohibits forcing backdoors. Telegram’s refusal aligns with Signal’s stance, but India’s 2000 IT Act gives it broad powers.
- Open-source as a shield: Telegram’s open-source clients let users audit and bypass blocks. Unlike WhatsApp (which relies on Facebook’s walled garden), Telegram’s decentralized approach makes it harder to fully suppress. “This is why Telegram thrives in authoritarian regimes—its code is its moat,” said Marlinspike.
The broader implication? Telegram’s architecture is now a battleground. If India succeeds in forcing traceability, it could set a precedent for other governments to demand backdoors in E2EE protocols. Meanwhile, the BGP hijack reveals how routing security is the weak link in global internet resilience.
The 30-Second Verdict: What You Should Do Now
If you’re in the UAE or affected regions:
- Use Telegram’s official proxy list (link) for the safest bypass.
- Avoid third-party proxies unless vetted—some log metadata or inject malware.
- Switch to Signal or Session if privacy is critical. Both use Double Ratchet and aren’t vulnerable to BGP hijacks.
- Monitor your ISP: If your connection is rerouted, check BGPmon for hijacking alerts.
The ban may last until June 22, but the real story is how Telegram’s users—and its code—are fighting back. For now, the app remains up. The question is whether this becomes a template for future disruptions—or a wake-up call for the internet’s routing infrastructure.
