Cybercriminals are using Telegram to carry out malicious operations, a new study reveals.
Every minute, nearly US$3 million is lost to cybercrime. And by 2025, cybercrime is set to cost the world over US$10 trillion. That cybercrime demands our immediate attention is evident. Cybercrimes are becoming easier and more prominent than ever before. A 2019 Global Data Risk Report revealed that, on average, only 5% of companies have properly protected their folders. As a startup, you must adopt measures to protect your business from a cyberattack. To know how you can do so, check out this article.
The semi-encrypted chat app Telegram has created a platform that enables seamless criminal activity. An investigation by cyber intelligence group Cyberint, together with the Financial Times, found that cybercriminals are trading and sharing stolen data and hacking tools on the app. The data includes email password leaks, financial data, credentials for bank accounts and Netflix accounts, malicious software, and even home addresses, among other things. The study adds that the use of terms like “Email:pass” and “Combo”—common cybercriminal vocabulary indicating stolen email and password lists—rose fourfold over the past year.
What makes Telegram a criminal hotbed?
The Cyber Threat Analyst at Cyberint Tal Samra said, “We have recently been witnessing a 100 per cent-plus rise in Telegram usage by cybercriminals.” According to her, the app has gained infamy as it is more convenient than the dark web.
According to the study, Telegram is easy to use and lacks regulation. It is easier to find buyers there than on the dark web, making it an ideal platform for hackers. Plus, unlike WhatsApp, it doesn’t display users’ numbers in the group chat. But thanks to that, thousands of criminals can also anonymously share illegally-obtained data with each other.
How does it work
Research by vpnMentor revealed that “most data leaks and hacks” are shared on Telegram after being sold on the dark web. In case the criminals fail to find a buyer, they decide to share the information publicly on Telegram.
The Cyberint study gives the example of a Telegram channel called “combolist” which had nearly 50,000 subscribers. The hackers would sell or circulate large amounts of stolen data, like usernames and passwords. One of their posts, titled “Combo List Gaming HQ”, provided 300,000 emails and passwords that one could use to hack video game platforms, like Minecraft and Uplay. Another post offered 600,000 user logins for Yandex (a Russian internet group), Yahoo, and even Google. Telegram removed the channel earlier this month.
The next steps for Telegram
The Dubai-headquartered app launched in 2013 and has over 500 million users now. It allows users to broadcast messages via channels and send large files directly via the app. People shifted to using Telegram after concerns regarding the privacy policy of Facebook-owned WhatsApp.
However, the app’s approach to privacy might not be as great as one would think. The vpnMentor research added, “Telegram is incredibly secretive and operates with zero transparency.” That’s making it a safe haven for cybercriminals.
The app plans on an initial public offering (IPO) in the future and wants to include advertising on its platform. To do so, it will have to give due attention to content moderation. In a statement, Telegram said that, every day, its “ever-growing force of professional moderators” addresses user reports and removes over 10,000 public communities for violating the app’s terms of service.
Header Image by Christian Wiediger on Unsplash