India Temporarily Bans Telegram Over Medical Exam Fraud

India’s Ministry of Electronics and Information Technology (MeitY) has temporarily banned the Telegram messaging platform, restricting nationwide access until June 22, 2026.

This decision is part of a comprehensive effort to combat organized cheating schemes that are targeting millions of students preparing to retake the National Eligibility cum Entrance Test (NEET UG 2026) on June 21.

The NEET UG 2026 re-examination is being held after the original May exam was canceled following widespread paper-leak allegations.

Millions of medical aspirants across India are scheduled to retake the high-stakes entrance exam, which determines admission to undergraduate medical and dental programs nationwide. The scale of the examination and the desperation of candidates made it a prime target for cyber-enabled fraud.

Two-Pronged Government Directive

The directions, issued on the formal recommendation of the National Testing Agency (NTA), carry two distinct and time-bound components:

• Platform access restriction — Invoked under Section 69A of the Information Technology Act, 2000, this directive blocks access to Telegram in India for a defined period ending June 22, 2026, encompassing the examination day and its immediate aftermath.
• Message-editing feature disable — A separate direction requires Telegram to disable its post-send message-editing feature for all previously published messages in India through June 30, 2026, targeting a specific technical exploit used to fabricate fake paper-leak “evidence.”

The message-editing directive addresses a critical platform-level vulnerability in Telegram’s architecture. Telegram allows channel administrators to retroactively edit the content of a previously posted message including swapping out attached PDFs while the original send-timestamp is preserved.

This capability has been weaponized by fraud actors across multiple recent examinations: a channel operator posts a benign message before the exam, then edits it post-examination to insert the actual question paper, and circulates the timestamped chat as fabricated “proof” that the paper was leaked beforehand. The MeitY directive structurally closes this fabrication window for the post-examination period.

The extent of the organized criminal activity is substantial. Telegram channels operating under names including “PAPER LEAKED NEET,” “Re-NEET 2026,” “Private Mafia,” and “REE NEET MAFIAA” openly solicited payments ranging from a few thousand to several lakhs of rupees from candidates and their families in exchange for purported access to the exam paper.

The Ahmedabad City Cyber Crime Branch arrested members of an inter-state cyber-fraud gang operating eight Telegram channels, with documented fraudulent transactions totaling approximately ₹1.5 crore and roughly 1,000 mobile numbers contacted in a single month.

The Bihar Police Economic Offenses Unit issued a formal public advisory on June 9, 2026, warning candidates against such schemes circulating on Telegram and other platforms.

Acting on continuous intelligence from NTA and state police forces in Bihar, Gujarat, and Rajasthan, I4C secured the takedown of numerous fraudulent Telegram channels, groups, and bots prior to the platform-level ban being issued. The Central Bureau of Investigation (CBI) is conducting a parallel inquiry into the underlying criminal offenses.

NTA has confirmed that no examination paper exists outside the secure examination chain, and any promise of pre-examination access to question papers is, without exception, fraudulent.

The platform access restriction is strictly confined to the examination window, and NTA has acknowledged the inconvenience caused to millions of legitimate Telegram users in India. The message-editing restriction, which runs through June 30, does not affect sending or receiving new messages on the platform.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.