Telegram Is Where Cyber Criminals Do Business

Uploaded on 2021-09-28 in TECHNOLOGY-Key Areas-Social Media, GOVERNMENT-Law Enforcement, FREE TO VIEW

Telegram is a free and open-source platform that offers cloud-based instant messaging to its users  and the service is justifiably popular for its end-to-end encrypted chats, file sharing, and video calling feature. In other words, Telegram is a WhatsApp alternative.

Now research shows that a growing network of criminals are using Telegram to share data leaks on the platform. In fact, it looks like Telegram has become a major a hub for cyber criminals looking to buy, sell and share stolen data and hacking tools, as the messaging app emerges as an alternative to the Dark Web.

The Financial Times reports that this increase in cyber criminal activities on Telegram has increase since angry WhatsApp users switched to Telegram to have the same benefits of instant messaging with extra security and privacy. What seems to have cause the use of Telegram is that recently WhatsApp announced an update in its policy and terms of service, literally forcing users to accept their new terms and conditions wherein it would share data with its parent company, Facebook. 

Privacy activists and consumers were outraged by WhatsApp’s revised policy, so much so, that they decided to switch from WhatsApp entirely and move to secure alternatives like Telegram and Signal.

An investigation by cyber intelligence group Cyberint, together with the Financial Times, found a ballooning network of hackers sharing data leaks on the popular messaging platform, sometimes in channels with tens of thousands of subscribers, lured by its ease of use and light-touch moderation.In many cases, the content resembled that of the marketplaces found on the dark web, a group of hidden websites that are popular among hackers and accessed using specific anonymising software.

Telegram has become a locale of choice for cyber criminals looking to buy or sell stolen user data and share hacking tools.

Cyber criminals have been lured to the encrypted messaging app from the dark web by Telegram’s lack of moderation and secure servers. On the platform stolen personal data is shared by hackers with tens of thousands of users Telegram has declined to comment, but has removed the “combolist” channel in response to claims that hundreds of thousands of leaked usernames and passwords were leaked via the chat room.

About Telegram 

Telegram was launched in 2013 by brothers Nikolia and Pavel Durov. Previously, the pair founded the Russian social network VK, which they left in 2014 after it was taken over by President Putin's allies. It is an online messaging app that works just like popular messaging apps WhatsApp and Facebook Messenger and this means that you can use it to send messages to your friends when connected to Wi-Fi or your mobile data. 

Telegram’s core functionality is the same as most other messaging apps: You can message other Telegram users, create group conversations, call contacts, make video calls, and send files and stickers. 

However, there are a few specific features that make it work differently from other chat apps.

  • What makes Telegram unique is its focus on privacy, encryption, and an open-source API. There are countless unofficial clients to go along with the official Telegram apps and web interface. It also allows multiple devices to use the same account (verified by SMS), and multiple accounts on the same device.
  • Telegram is cloud-based and claims that it prioritises security and speed, making it a good alternative to other popular messaging apps. 
  • Telegram provides end-to-end encrypted voice and video calls and optional end-to-end encrypted "secret" chats. Cloud chats and groups are encrypted between the app and the server, so that ISPs and other third-parties on the network can't access data, but the Telegram server can. 
  • Users can send text and voice messages, make voice and video calls, and share an unlimited number of images, documents (2 GB per file), user locations, animated stickers, contacts, and audio files.
  • Telegram passed 500 million monthly active users in January 2021 and was the most downloaded app worldwide in with 1 billion downloads globally by August.

In almost very way, Telegram is an ideal platform cyber criminals to do business with each other.

All its activities including chats, groups and media shared between participants, is encrypted. This means that they won’t be visible without being deciphered first. The app also lets you set self-destruct timers on messages and media that you share which can range from two seconds to one week through its built-in feature ‘Secret Chat’. The use end-to-end encryption, leaving no trace on Telegram’s servers.

Financial Times:    Ars Technica:    Slashdot:    City AM:     TechStory:    Voonze:    Android Authority:    Thales:

You Might Also Read: 

Police First Hack Then Demolish Organised Crime Gangs:

 

« How Do Netflix And Other OTT's Take Care Of Cyber Security?
Europol Breaks Open Mafia Cyber Crime Group »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

SureCloud

SureCloud

SureCloud is a Governance, Risk and Compliance (GRC) and Cybersecurity Solutions provider.

Cloudera

Cloudera

Cloudera provide the world’s fastest, easiest, and most secure data platform built on Hadoop.

KPN

KPN

KPN is a leading supplier of ICT services including Cyber Security, Identity & Privacy, Secure Communications and Business Continuity.

Fox-IT

Fox-IT

Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises.

OmniNet

OmniNet

OmniNet delivers the next generation of cybersecurity and is the only provider in the market to move the edge of small businesses to a virtual, omnipresent perimeter.

Seltek Technology Solutions

Seltek Technology Solutions

Seltek provides Digital Forensics, eDiscovery, Cybersecurity Assessments and IT Support services.

Verafin

Verafin

Verafin is one of the North American leaders in fraud detection and AML software.

ByteLife Solutions

ByteLife Solutions

ByteLife Solutions specialises in the provision of IT infrastructure services and solutions, including cybersecurity.

US Secret Service

US Secret Service

The US Secret Service has a pivotal role in securing the nation’s critical infrastructures, specifically in the areas of cyber, banking and finance.

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

Clone Systems

Clone Systems

Clone Systems is an award winning global cloud based managed security as a service provider.

Nudge Security

Nudge Security

Nudge Security offer the world's first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location and nudges employees towards optimal security behavior.

RSK Cyber Security

RSK Cyber Security

RSK Cyber Security are a leading cyber security services company that uses services, consulting, and product knowledge to lower security risk across the board.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

Vercara

Vercara

Vercara offers a purpose-built, global cloud security platform that provides layers of protection to safeguard businesses’ online presence, no matter where an attack comes from or where it is aimed.

Vertek

Vertek

Vertek is a leading provider of operations consulting, end-to-end business process outsourcing, business intelligence, software applications and managed cybersecurity solutions.