Here's the article from the Belarusian website http://dev.by
, it is an interview with a former member of dictator Lukashenko band (so-called Chief Organized Crime and Corruption Fighting Directorate). And he told how they used to detect Telegram administrators:
For example, someone dropped a picture into the chat, it has a certain weight in bytes. It is checked who at this particular time in the country transmitted a message with such a number of bytes to the telegram server, up to a second. So they find it.
To me, it sounds like a joke. All Telegram traffic should be encrypted, I doubt it is possible to get the exact size of the message body in bytes. Also, even if is possible, which information can be retrieved using that approach? Or the point is in sniffing the traffic in general and detecting users by IP?