France Extends Telegram CEO Pavel Durov’s Detention over Cybercrime Allegations

• Telegram owner Pavel Durov was ordered to remain in custody for up to four days beyond Sunday.
• The CEO was arrested last weekend as part of a French investigation into the popular messaging app’s abuse by cybercriminals.
• Once the 96 hours are up, the authorities need to either charge or release Durov.

Telegram CEO Pavel Durov was arrested last weekend at a Paris airport on allegations that the popular messaging app, which is considered extremely secure, enabled criminal activities. French authorities on Sunday extended his detention, and he was still in the French police’s custody on Monday, according to local press.

Durov, 39, was ordered to remain in custody beyond Sunday night, according to an AFP report cited by Reuters, where he can be held for questioning for up to 96 hours before being charged or released.

The Russian-born billionaire and Telegram owner was taken into custody at a private jet airport close to Paris while he was traveling on his private jet from Azerbaijan.

The French arrest warrant targets Durov as a part of a preliminary investigation led by a cybersecurity gendarmerie and the national anti-fraud police unit, which looks into the alleged enabling of a wide range of crimes, including money laundering and drug trafficking, due to a lack of Telegram moderators and cooperation with the police.

A Telegram statement on Sunday declared Pavel Durov has “nothing to hide,” underlining the absurdity of linking the abuse of a platform to its owner. The statement also mentioned that the Dubai-based company abides by European Union laws.

The Paris public prosecution office did not immediately comment, and French authorities have not confirmed Durov's arrest yet.

This year, concerns over Telegram becoming a tool for hackers to deploy malware increased. Telegram’s versatility as a messaging app attracted cybercriminals who use Telegram's API to create bots for their criminal activities. The bots can send back alerts with real-time updates about the infected target, mainly in complex attacks on websites.

In other news, a now-patched zero-day Telegram for Android flaw was recently up for sale on a Russian-speaking hacking forum. Dubbed EvilVideo, the flaw allowed attackers to send hidden malicious APK payloads that look like multimedia files via Android Telegram in v10.14.4 and older.