Telegram has become a locale of choice for cyber criminals looking to buy or sell stolen user data and share hacking tools.
Cyber criminals have been lured to the encrypted messaging app from the dark web by Telegram’s lack of moderation and secure servers. On the platform stolen personal data is shared by hackers with tens of thousands of users according to a joint investigation by The Financial Times and Cyberint.
“We have recently been witnessing a 100 per cent-plus rise in Telegram usage by cybercriminals,” said Tal Samra, cyber threat analyst at Cyberint, in comments to the Financial Times.
“Its encrypted messaging service is increasingly popular among threat actors conducting fraudulent activity and selling stolen data . . . as it is more convenient to use than the dark web,” he added.
Telegram’s messaging service, which lets users create chat rooms with up to 200,000 participants, has become increasingly popular over lockdown and boasts 500m active users. Concerns about data privacy on Facebook-owned WhatsApp have prompted users to look into alternatives.
However, earlier this year a study by vpnMentor, an online security company, also warned that the app was a “safe harbour” for cybercrime.
“Cybercriminals are also flocking to Telegram to share and discuss massive data leaks exposing millions of people to unprecedented levels of online fraud, hacking, and attack,” the company warned.
In January a particularly wide reaching attack, a hacker released private data and account information from 2.28 million users on the Meet Mindful dating site on the dark web, and it appeared later on Telegram. Names, e-mail addresses, home addresses and physical attributes were revealed.
Telegram has declined to comment on the new research as of yet, but has removed the “combolist” channel in response to claims that hundreds of thousands of leaked usernames and passwords were leaked via the chat room.