Telegram security
Can anyone recover a hacked Telegram account? The honest answer.
Only Telegram can recover a hacked account, and even then it is not guaranteed. There is no third party, hacker, or "recovery agent" who can do it, and anyone in your replies or DMs claiming they can is the second scam. Do not pay them. Your real options are Telegram's support form, the SMS login race, and the 7-day password reset.
The honest answer first
Only Telegram can recover a hacked Telegram account. Not a hacker, not a "white-hat recovery specialist," not a Fiverr gig, not the helpful stranger who slid into your replies twenty minutes after you posted that you were locked out. There is exactly one entity on earth that can return your account to you, and it is Telegram itself, because Telegram recovers accounts by verifying that you control the phone number, and nobody outside Telegram can do that for you.
That is the whole truth, and it is worth sitting with for a second, because the next thing that happens to most hacked users is worse than the hack: someone offers to fix it. They cannot. Paying them is how you get robbed a second time.
This article is the part nobody tells you straight. What you can actually do today, how to really reach Telegram support, what the realistic odds and timelines are, and how to spot the recovery-scam that is already forming in your inbox.
How Telegram account recovery actually works
Telegram has no "forgot my account" button that a support human clicks to hand it back. Recovery is mechanical and identity-based. You prove you own the number, you get a login code by SMS, you are back in. Everything flows from that single fact, which is why the attacker's first move is always to take the number and email away from you.
Here is what that means in practice.
If you can still receive SMS to your number, move now. Open Telegram, log in with your phone number, get the SMS code, and you are in. Then immediately go to Settings, Devices, and terminate every session that is not yours, and change or set your two-step verification password. There is a known 24-hour window after a new login where sessions cannot kill each other, which cuts both ways: the attacker may not be able to boot you yet, so use that time. Speed is the entire game.
If the attacker has already changed the linked phone number, your odds drop sharply, because the thing Telegram uses to identify you now points at them. You are not out of options, but you are now relying on Telegram support and proof of ownership rather than a clean SMS login.
How to actually reach Telegram support
Telegram support is famously a black hole, and the despair in "I may never get my account back" is real. But there is a correct door, and most people never find it.
- The login support form at telegram.org/support. This is the right channel for a lost or hijacked login, not the in-app "Ask a question" bot. Send your registered phone number in full international format, your approximate last login date, the device you used, and a plain description of what happened. Calm, factual, one message.
- Expect an automated reply first. Telegram's user-facing support runs largely on volunteers, and the first response is usually a template. That does not mean you failed. Reply once with your details and wait.
- Realistic timelines. Simple cases where you still control the number can resolve in minutes. Genuine hijacks that need a human can take anywhere from a day to over a week, and some never get a useful answer at all. Set your expectations there so the silence does not crush you.
I want to be honest rather than comforting: there is no SLA, no phone number to call, no escalation tier you can buy. Persistence and clean proof of ownership are the only levers you have.
The 7-day reset reality (and the inactivity myth)
Two timers matter, and people confuse them constantly.
The 7-day two-step verification reset. If the blocker is a two-step (cloud) password you forgot or the attacker set, and you do not have the recovery email, Telegram lets you request a reset that completes after a 7-day server-side timer (Telegram's own SRP docs describe this). The catch: that reset can be cancelled from any logged-in session, so if the attacker is still sitting in your account, they can decline it and keep you out. There is also the destructive "Reset Account" path, which wipes all your cloud chats and contacts but lets you reclaim the number without the wait. Use that only when the account itself matters more than its contents.
The inactivity self-destruct is not a recovery tool. Telegram deletes an account after a long period of inactivity (18 months by default, configurable down to 1 month). People hear "self-destruct" and imagine the hacked account will quietly free itself. It will not. The attacker is using it daily, so it is not inactive, and waiting only gives them more time. Do not rely on this.
The recovery-scam epidemic: the second scam
This is the part that matters most, so read it twice.
The moment you post "my Telegram got hacked" anywhere public, especially in crypto circles, you become a target for a second, more predatory wave. Within hours you will get replies and DMs from accounts offering to recover it: a "recovery hacker," a "Telegram support team member," a "blockchain forensics expert," someone with a glossy profile and testimonials. Every single one of them is a scammer. There is no exception, because the actual recovery mechanism (proving you own the number) is something only Telegram can do and you can do yourself for free.
Security researchers have documented this exact pattern, where the first scam is followed by a second extortion attempt dressed up as help, and victims are told never to pay a new "recovery," "unlock," or "verification" fee (Aura). It is industrialized. Telegram-specific fraud losses exceeded $200 million with scam activity up 43% in the recent measurement period (Plisio), and the recovery con is a reliable revenue line inside that number.
How to spot the second scam every time:
- They contact you after you posted about being hacked. Real recovery never works that way.
- They ask for a fee, a deposit, a "gas" payment, or crypto up front.
- They ask for a login code, your seed phrase, or remote access to your device. A code is the keys to the account; handing it over completes the takeover.
- They promise a guaranteed recovery or a fast "guy on the inside at Telegram." There is no inside guy.
- They show urgency and testimonials. Both are theater.
The rule is simple. Do not pay anyone. Do not share any code with anyone. Telegram will never DM you to help, and no legitimate person can recover your account for money.
What you can actually do today
- Try to log back in over SMS right now, before the number is changed.
- If you are in, terminate all other sessions and set a strong two-step password with a recovery email you control.
- If you are locked out, file the login form at telegram.org/support with your number, last login, and device.
- Warn your contacts directly (call, signal, another channel) that your account may be DMing them asking for money or crypto. The weaponized "ignore the messages from me" warning saves your friends from being the next victim.
- If crypto is involved, move funds from any wallet whose seed or keys could have touched the compromised device. Treat the device as burned and run a clean scan or reinstall, because a stolen session usually means malware that is still there.
- Block and report every "recovery" offer. Do not engage, do not negotiate.
For the deep technical version of how these sessions get stolen and replayed (the tdata folder, the "no new-login alert" problem, the 140ms reaction lab work), see why an attacker can replay your stolen Telegram session and why terminating a Telegram session often does not work.
Prevention for your next account
Recovery is a coin flip you do not want to flip. The honest takeaway is that the only reliable win is not getting locked out in the first place. A few things genuinely help: set a two-step password with a recovery email you actually own, audit Settings, Devices regularly, never paste a login code anywhere, and be ruthless about what you install on the machine running Telegram Desktop, since the tdata folder on that machine is the prize. Stolen Telegram identities sell for as little as $5 per ten accounts on underground markets (Imperva), which tells you how cheap and automated this has become.
Why we built Sessions, and why it cannot recover your account
We will be straight with you, because the whole point of this page is honesty: Sessions cannot recover a hacked account. Nothing can, except Telegram. We built Sessions for the step before the lockout, the gap that makes recovery necessary in the first place.
Here is the gap. When someone steals your live session (your tdata folder, copied by malware), they log in as you with an already-authorized session. Telegram sends no "new login" alert, because to Telegram it looks like you. Two-factor authentication does not stop it, because the session was already past 2FA when it was stolen. You find out only when you are locked out, and by then you are in the recovery coin-flip above.
Sessions watches your own account from inside an attested AWS Nitro enclave, notices the hijacked or replayed session that Telegram stays silent about, and ends the attacker's access fast, the moment it sees the second live session. It is non-custodial: it cannot read your messages or move your funds, the code is open source and verifiable, and you can revoke it anytime. We would rather you never need a recovery article at all.
And the line we will never stop repeating, because it is the heart of this brand: only Telegram can recover a hacked account. Anyone else who offers to is the second scam. Do not pay them.
Frequently asked questions
- Can anyone really recover my hacked Telegram account for me?
- No. Only Telegram can, and only by verifying you own the phone number. No hacker, agency, freelancer, or self-described recovery expert can do this. Anyone who offers to is running a scam. The recovery steps Telegram offers are things you do yourself for free.
- Someone DMed me offering to recover my account. Is it legit?
- No. It is the second scam, and there are zero exceptions. Legitimate recovery never starts with a stranger contacting you after you posted about being hacked. They will ask for a fee, a login code, or your seed phrase. Do not pay, do not share any code, block and report them.
- How do I actually contact Telegram support about a hacked account?
- Use the login support form at telegram.org/support, not the in-app question bot. Send your full international phone number, approximate last login date, and device. Expect an automated reply first. Support runs largely on volunteers, so persistence and clean proof of ownership matter.
- What is the 7-day Telegram reset and will it get my account back?
- If a two-step verification password is blocking you and you have no recovery email, Telegram lets you reset it after a 7-day timer. The problem: an attacker still logged into your account can cancel that reset. The destructive Reset Account option skips the wait but erases all your cloud chats and contacts.
- How long does Telegram take to respond, and what are my odds?
- There is no guaranteed timeline. If you still control your number, you can often log back in within minutes. Genuine hijacks needing a human can take a day to over a week, and some never get resolved. Odds fall sharply once the attacker changes the linked number and email.
- Will turning on 2FA recover or protect a stolen session?
- 2FA does not recover anything, and it does not stop a stolen session. Session theft reuses a login that was already authorized past 2FA, so the attacker is already inside. 2FA helps protect a fresh account going forward, but it is not a recovery tool and not a defense against tdata session theft.
- My hacked account is DMing my contacts for money. What do I do?
- Warn your contacts immediately through another channel (call, Signal, another app) that messages from you may be a scammer asking for money or crypto. Tell them to ignore and not send anything. Then keep working the real recovery steps. Warning people fast is the single kindest thing you can do here.
Keep reading
Stop a takeover before it starts.
Sessions watches your Telegram around the clock and removes any session that isn’t you, automatically. Open, hardware-attested, and yours to revoke.