Maybe there is no such thing as a safe messaging app. Privacy concerns led WhatsApp users to migrate away from the app and find a new home on Signal, Telegram, and other apps. However, a cyber intelligence group has released details that show hackers are migrating to Telegram as well from the dark web.
Telegram is a New Home for Hackers
Love the convenience of Telegram? So do hackers. Cyber intelligence group Cyberint, working with the Financial Times, found that hackers are moving to Telegram for the convenience.
“We have recently been witnessing a 100 percent-plus rise in Telegram usage by cybercriminals,” said Tal Samra, a Cyberint cyber threat analyst. “Its encrypted messaging service is increasingly popular among threat actors conducting fraudulent activity and selling stolen data, as it is more convenient to use than the dark web.”
Both public and private groups that are easy to access can be created on Telegram. Additionally, large data files can be shared. You’re probably already putting together the allure of Telegram to hackers.
With Telegram claiming to have more than 500 million active users and more than 1 billion downloads, the number of times hacking codes “Email:pass” and “Combo” were mentioned in Telegram rose to 3,400.
“Combolist,” a public Telegram channel, has more than 47,000 subscribers. Hackers use this channel to share huge data dumps containing leaked usernames and passwords.
“Combo List Gaming HQ” is a post with 300,000 supposedly hacked emails and passwords for Minecraft, Origin, and Uplay. A separate post had double that amount of data for Yandex and others for Google and Yahoo. After Telegram was contacted by the Financial Times, it deleted the post.
Along with usernames and passwords, there is also leaked financial data and copies of passports. Malicious software and hacking guides are shared on Telegram as well.
The Telegram links to this info are being shared on the dark web in large numbers as well. Telegram links have increased this year to more than a million. It’s a big jump from just 172,085 in 2020.
This data echoes what was reported by vpnMentor earlier this year. Data leaks from Facebook, Click.org, and Meet Mindful were found in Telegram data dumps. vpnMentor found that the data was being sold on the dark web, then shared on Telegram. It also determined those dumping data on Telegram were less savvy than typical dark web users.
Hackers Like Privacy Too
And all of this appears to be taking place because hackers like privacy too. Telegram is encrypted, after all, so many hackers now favor it over the dark web. It’s also more accessible, functions better, and holds less chance that law enforcement will be tracking it.
Privacy is also the reason hackers choose Telegram over WhatsApp. The latter shows users’ numbers in group chats, unlike Telegram. While Signal is encrypted, it’s more likely to be used by people who already know each other, rather than groups of strangers in a forum setting.
Telegram is also known to have less content moderation, giving way to hate groups and conspiracy theorists. It began closing to extremist and white supremacist groups in January after the U.S. Capitol riot.
Telegram claims to have “a policy for removing personal data shared without consent” and that its moderators remove more than 10,000 public communities for terms of service violations. But if the hacked content exists in greater numbers, it shows how much of a crime marketplace it’s becoming.