Telegram Is Where Cyber Criminals Do Business

Uploaded on 2021-09-28 in TECHNOLOGY-Key Areas-Social Media, GOVERNMENT-Law Enforcement, FREE TO VIEW

Telegram is a free and open-source platform that offers cloud-based instant messaging to its users  and the service is justifiably popular for its end-to-end encrypted chats, file sharing, and video calling feature. In other words, Telegram is a WhatsApp alternative.

Now research shows that a growing network of criminals are using Telegram to share data leaks on the platform. In fact, it looks like Telegram has become a major a hub for cyber criminals looking to buy, sell and share stolen data and hacking tools, as the messaging app emerges as an alternative to the Dark Web.

The Financial Times reports that this increase in cyber criminal activities on Telegram has increase since angry WhatsApp users switched to Telegram to have the same benefits of instant messaging with extra security and privacy. What seems to have cause the use of Telegram is that recently WhatsApp announced an update in its policy and terms of service, literally forcing users to accept their new terms and conditions wherein it would share data with its parent company, Facebook. 

Privacy activists and consumers were outraged by WhatsApp’s revised policy, so much so, that they decided to switch from WhatsApp entirely and move to secure alternatives like Telegram and Signal.

An investigation by cyber intelligence group Cyberint, together with the Financial Times, found a ballooning network of hackers sharing data leaks on the popular messaging platform, sometimes in channels with tens of thousands of subscribers, lured by its ease of use and light-touch moderation.In many cases, the content resembled that of the marketplaces found on the dark web, a group of hidden websites that are popular among hackers and accessed using specific anonymising software.

Telegram has become a locale of choice for cyber criminals looking to buy or sell stolen user data and share hacking tools.

Cyber criminals have been lured to the encrypted messaging app from the dark web by Telegram’s lack of moderation and secure servers. On the platform stolen personal data is shared by hackers with tens of thousands of users Telegram has declined to comment, but has removed the “combolist” channel in response to claims that hundreds of thousands of leaked usernames and passwords were leaked via the chat room.

About Telegram 

Telegram was launched in 2013 by brothers Nikolia and Pavel Durov. Previously, the pair founded the Russian social network VK, which they left in 2014 after it was taken over by President Putin's allies. It is an online messaging app that works just like popular messaging apps WhatsApp and Facebook Messenger and this means that you can use it to send messages to your friends when connected to Wi-Fi or your mobile data. 

Telegram’s core functionality is the same as most other messaging apps: You can message other Telegram users, create group conversations, call contacts, make video calls, and send files and stickers. 

However, there are a few specific features that make it work differently from other chat apps.

  • What makes Telegram unique is its focus on privacy, encryption, and an open-source API. There are countless unofficial clients to go along with the official Telegram apps and web interface. It also allows multiple devices to use the same account (verified by SMS), and multiple accounts on the same device.
  • Telegram is cloud-based and claims that it prioritises security and speed, making it a good alternative to other popular messaging apps. 
  • Telegram provides end-to-end encrypted voice and video calls and optional end-to-end encrypted "secret" chats. Cloud chats and groups are encrypted between the app and the server, so that ISPs and other third-parties on the network can't access data, but the Telegram server can. 
  • Users can send text and voice messages, make voice and video calls, and share an unlimited number of images, documents (2 GB per file), user locations, animated stickers, contacts, and audio files.
  • Telegram passed 500 million monthly active users in January 2021 and was the most downloaded app worldwide in with 1 billion downloads globally by August.

In almost very way, Telegram is an ideal platform cyber criminals to do business with each other.

All its activities including chats, groups and media shared between participants, is encrypted. This means that they won’t be visible without being deciphered first. The app also lets you set self-destruct timers on messages and media that you share which can range from two seconds to one week through its built-in feature ‘Secret Chat’. The use end-to-end encryption, leaving no trace on Telegram’s servers.

Financial Times:    Ars Technica:    Slashdot:    City AM:     TechStory:    Voonze:    Android Authority:    Thales:

You Might Also Read: 

Police First Hack Then Demolish Organised Crime Gangs:

 

« How Do Netflix And Other OTT's Take Care Of Cyber Security?
Europol Breaks Open Mafia Cyber Crime Group »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Australian Information Security Association (AISA)

Australian Information Security Association (AISA)

AISA champions the development of a robust information security sector by building professional capacity and advancing the cyber security of the public, business and governments in Australia.

CyberSource

CyberSource

CyberSource provides online payment and fraud management services for medium and large-sized merchants.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

Echoworx

Echoworx

Echoworx primary and exclusive focus is providing organizations with secure email services.

LEPL Cyber ​​Security Bureau - Georgia

LEPL Cyber ​​Security Bureau - Georgia

The aim of the LEPL Cyber Security Bureau is to create and strengthen stable, efficient and secure systems of information and communications technologies.

CyberGRX

CyberGRX

The CyberGRX Exchange and our risk assessments-as-a-service help Enterprises and Third Parties cost-effectively identify, prioritize and mitigate risk.

CipherTrace

CipherTrace

CipherTrace develops cryptocurrency Anti-Money Laundering, cryptocurrency forensics, and blockchain threat intelligence solutions.

Ataya & Partners

Ataya & Partners

Ataya & Partners is a consulting company that delivers data protection, cybersecurity and IT & Digital governance services.

Recruit.net

Recruit.net

Recruit.net allows job seekers to instantly find millions of jobs from thousands of web sites with a single search.

Cyber Command - Estonian Defence Forces

Cyber Command - Estonian Defence Forces

The main mission of the Cyber Command is to carry out operations in cyberspace in order to provide command support for Ministry of Defence’s area of responsibility.

Next47

Next47

Next47 is a global venture firm, backed by Siemens, committed to turning today's impossible ideas into tomorrow's indispensable industries.

Google Safety Engineering Center (GSEC)

Google Safety Engineering Center (GSEC)

GSEC Málaga is an international cybersecurity hub where Google experts work to understand the cyber threat landscape and to create tools that keep users around the world safer online.

Btech

Btech

Btech is the market leader in providing affordable managed IT security services for credit unions.

Benchmark Executive Search

Benchmark Executive Search

Benchmark specializes in finding elite talent for startup, emerging-growth and mid-cap companies offering game-changing technologies or innovative services to the federal and commercial markets.