India's Telegram ban spills into UAE via BGP routing leak
Key Takeaways
- India banned Telegram until June 22 under Section 69A of the IT Act after the platform was used to distribute leaked NEET exam materials.
- A BGP routing anomaly caused by AS18101 disrupted Telegram access for users outside India, including in the UAE.
- Telegram CEO Pavel Durov accused Reliance of deliberate sabotage, but network analysts attribute the incident to a misconfigured domestic block leaking globally.
India's temporary ban on Telegram, triggered by exam-cheating scandals, has caused collateral damage far beyond its borders. Users in the UAE and other countries lost access to the messaging app after a BGP routing anomaly redirected Telegram traffic through Indian networks that were enforcing the block. Telegram CEO Pavel Durov has accused Reliance of deliberate sabotage. Network analysts say the evidence points to a misconfiguration, not malice.
The Ministry of Electronics and Information Technology invoked Section 69A of the IT Act on June 16 to block Telegram nationwide until June 22. The order came at the National Testing Agency's request after investigators found Telegram channels and bots were used to sell access to leaked question papers for the NEET-UG medical entrance exam. A separate directive requires Telegram to disable its message-editing feature in India until June 30.
How a domestic block became an international outage
Border Gateway Protocol is the internet's routing system. Networks use BGP announcements to tell each other which IP address ranges they control. When a network announces ownership of addresses it doesn't actually manage, traffic meant for those addresses gets misdirected. That's a BGP hijack, and it's what happened to Telegram.
Public routing data shows AS18101 began announcing Telegram's IP prefixes around the time the domestic block went live. Doug Madory, Director of Internet Analysis at Kentik, confirmed the hijack occurred but noted that RPKI route-origin validation limited how far the bad routes spread. Network researcher Anurag Bhatia independently verified the anomaly against public routing data.
Technology policy researcher Pranesh Prakash traced the mechanics in detail. The route leaked to the global internet via FLAG Telecom (AS15412), a former RCom-owned transit provider that failed to drop the RPKI-invalid announcement. That's how users in the UAE and elsewhere lost access.
Durov's sabotage claim vs. the technical evidence
In a post on X, Durov accused Reliance of "sabotaging" Telegram access for users outside India through BGP hijacking. He framed it as possible competitive interference, pointing to Reliance's ties to Meta, which holds a roughly 10 percent stake in Reliance Jio.
The analysts who documented the hijack disagree with Durov's interpretation. Prakash said plainly that intentional sabotage was "highly unlikely" and that he had seen zero evidence for it, reading the incident instead as a domestic block misconfigured into a global leak. Madory compared it to Iraq's 2023 block, where an attempt to cut Telegram domestically leaked routes outward in the same way.
There's also a corporate-identity wrinkle. AS18101 is registered to Reliance Communications, the insolvent Anil Ambani-era operator, not Reliance Jio, the Mukesh Ambani carrier with Meta ties. Prakash noted that Jio has absorbed some of RCom's spectrum and fiber assets, but stopped short of identifying who actually originated the hijack. The routing anomaly is documented. The intent, and who triggered it, are not.
Why India banned Telegram in the first place
The trigger is the National Eligibility-cum-Entrance Test (NEET-UG), India's largest medical entrance exam, taken by millions of students each year. Question papers were allegedly leaked before the May 3 exam through a paid WhatsApp group and coaching-center networks in Rajasthan. Reports indicated a pre-circulated guess paper overlapped heavily with the real test.
The exam was cancelled on May 12, with a re-test scheduled for June 21. The Central Bureau of Investigation took over the probe and has arrested NTA-appointed subject experts and coaching figures. The NTA says cheating networks used Telegram channels, groups, and bots to sell access to exam material and spread misinformation. Investigators claim channel administrators abused the edit feature to backdate posts and pass off altered timestamps as proof of a prior leak.
The legal and political pushback
Telegram has moved the Delhi High Court to challenge the ban, and the court agreed to hear the matter urgently. Digital rights group the Internet Freedom Foundation called the ban a disproportionate, "constitutionally incompatible" response to exam fraud.
Durov framed the ban as collective punishment. "The ban unfairly penalizes 150 million ordinary users while failing to stop the actual leakers, who simply moved to other platforms," he wrote.
How affected users are bypassing the block
Users in India and those caught by the routing spillover have turned to Telegram's built-in proxy feature to restore access. The process takes under a minute.
Telegram shares proxy server addresses through its official channels. VPNs also work, though they carry their own privacy and performance tradeoffs.
Logicity's Take
The NEET scandal is real, and the government's frustration is understandable. But banning a platform used by 150 million people to catch a few dozen cheaters is a category error. The leakers are already on WhatsApp, email, and whatever comes next. The more interesting story here is the BGP leak: it exposed how fragile global routing remains when a single carrier misconfigures a block. India's domestic internet governance decisions can ripple across the Gulf in seconds, and RPKI adoption is still too patchy to stop it.
Frequently Asked Questions
Why did India ban Telegram?
The government invoked Section 69A of the IT Act after investigators found Telegram channels and bots were used to sell access to leaked NEET-UG exam papers.
How long will the Telegram ban in India last?
The ban is scheduled to remain in effect until June 22, 2026. A separate order disabling the message-editing feature extends to June 30.
Why did the India Telegram ban affect users in the UAE?
A BGP routing anomaly caused by AS18101 announcing Telegram's IP prefixes leaked via FLAG Telecom, misdirecting traffic from users outside India.
Was the BGP hijacking intentional sabotage?
Network analysts who documented the incident say the evidence points to a misconfigured domestic block leaking globally, not deliberate sabotage.
How can users bypass the Telegram ban?
Users can enable Telegram's built-in proxy feature or use a VPN to restore access while the block is in effect.
Need Help Implementing This?
If your organization needs guidance on network resilience, RPKI adoption, or navigating content-blocking regulations, Logicity can connect you with specialists. Reach out to our editorial team for recommendations.
Source: BleepingComputer
Manaal Khan
Tech & Innovation Writer
Related Articles
Browse all
Kraken Crypto Exchange Extortion: Hackers Threaten to Leak Internal Videos After Insider Breach
Cryptocurrency exchange Kraken is being extorted by hackers who obtained videos of internal systems through bribed support employees. The company says no funds were compromised and refuses to pay, with only about 2,000 accounts affected. Kraken is working with federal law enforcement to prosecute everyone involved.
Windows 11 KB5083769 and KB5082052: April 2026 Patch Tuesday Brings Smart App Control Changes and Security Fixes
Microsoft's April 2026 Patch Tuesday updates are now live for Windows 11, bringing critical security patches alongside a welcome change to Smart App Control. You can finally toggle SAC on or off without wiping your entire system. The updates cover versions 23H2, 24H2, and 25H2.
Zero Trust Identity Security: 5 Ways This Framework Actually Stops Credential Theft
Stolen credentials caused 22% of breaches in 2025, making them the top attack vector. Zero Trust promises to fix this, but only when it's built around identity as the core principle. Here's how organizations can implement it properly.
Open Source PR Backlogs: Why Your GitHub Contribution Sits Unreviewed for a Year
A developer's Jellyfin pull request has been waiting over a year for merge despite two approvals, exposing a systemic crisis in open source maintenance. Queuing theory explains why backlogs grow exponentially, and 60% of maintainers have quit or considered quitting due to burnout.
