Posted on September 21, 2021 at 4:28 PM
Telegram, a leading messaging platform, has become a major hub for hackers looking to exchange stolen data or buy and sell hacking software. Hackers are now using Telegram as an alternative to using the dark web because the platform is easy to use and lacks moderation.
A recent publication by the Financial Times referred to an investigation conducted by Cyberint, a cyber-intelligence firm. The investigation exposed a growing number of hackers who are sharing leaked data on the messaging platform. Some are also sharing the data and hacking tools on Telegram channels that contain thousands of subscribers.
Cybercriminals Opt for Telegram
The hacking content sold on Telegram resembles what is usually sold on the dark web. Some channels come with links to websites known for being used by hackers and can only be accessed using a special type of software.
Tal Samra, an analyst with Cyberint, stated that “We have recently been witnessing a 100 per cent-plus rise in Telegram usage by cybercriminals.” Samra also noted that the encryption feature on this messaging platform had attracted threat actors who wanted to engage in hacking activities or share the stolen data.
Telegram enables users to share messages using channels or creating groups that others can access. Telegram also enables users to share large files such as texts and ZIP folders.
However, the recent association of the messaging platform could force its developers, who are headquartered in Dubai, to change the platform’s policy in terms of content moderation. This will especially be a necessity for the platform, as it plans to launch an Initial Public Offering. It is also looking into ways of offering advertising services to the platform.
Telegram as the New Dark Web
The report also stated that the links on the dark web leading to Telegram groups and channels had reached over 1 million in 2021. This is a big jump compared to the 172,035 reported in 2020.
At the beginning of the year, vpnMentor had also published a report that demonstrated the increased use of Telegram by cybercriminals. This research pointed to data dumps found on Telegram that contained information obtained from hacking activities on Facebook, Meet Mindful dating site and Click.org.
At the time, vpnMentor stated that the data dumps that were available on Telegram were transferred to the platform after being sold on the dark web. The report also stated that hackers who cannot find buyers for stolen data on the dark web choose to dump the data on Telegram free.
The Financial Times report also stated that Telegram was finding favor with threat actors because it provided anonymity through end-to-end encryption. However, some of the groups where the information was being sold were public and could be easily accessed by users who were not hacking experts, which could trigger a surge in cybercrimes.
Besides encryption, hacklers found it easier and faster to find buyers of stolen data on Telegram. The platform provided a smooth and quick transaction process, and people could transact openly.
Telegram is also less focused on content moderation than other social media platforms such as Facebook and Twitter. Besides causing a rise in the use of the messaging platform by cybercriminals, the lack of content moderation has also made the platform popular for conspiracy theories and hate speech.
The recent revelations by Cyberint will mount pressure on the platform to introduce content moderation policies, especially because the platform is planning to use public Telegram channels for advertising.
The company also raised over $1 billion through a bond sale in March. It plans to use these funds to launch an IPO that will make it a publicly-traded company, just like Facebook.
Despite the accusations thrown at the platform for lack of content moderation, the platform has previously stated that it has a tea of professional moderators who remove over 10,000 public communities each day for violating the terms of service.