Follow
Yeah, I also wondered about the PitM when first saw the article summary :) As for the attack details, as I understand it that's the very point of the backdoor/bug - you establish a classic MitM where you're proxying the connection between the Telegram server and the victim so this happens *before* shared secret is even established.