Telegram's t.me link shortener went offline after a domain provider over-applied US Treasury sanctions meant for an unrelated VPN service.
The Treasury Department sanctioned a VPN provider tied to ransomware groups, and the top-level domain registrar responsible for the .me namespace moved to comply. In doing so, it suspended t.me — Telegram's core short-link domain — along with the actual target. Telegram itself was not sanctioned. The outage took down any link using the t.me format, which is how Telegram routes channel invites, group links, and bot handles.
This is a useful reminder that sanctions enforcement in the domain layer is blunt by design. A registrar told to cut off a domain under a given TLD has limited surgical options — it pulls the record and asks questions later. For a platform like Telegram, which routes nearly all shareable links through a single short domain, that bluntness has outsized consequences.
Ransomware groups have long used commercial VPNs and anonymizing services to cover their tracks; sanctioning those providers is a legitimate enforcement tool. But when compliance infrastructure is this coarse, collateral damage to unrelated services is not an edge case — it is a predictable outcome.