Telegram has exploded as a hub for cybercriminals trying to buy, sell and share stolen data and hacking tools. New research shows that messaging apps are emerging as an alternative to the dark web.
According to a study by cyber intelligence groups Cyberint and the Financial Times, data breaches are shared on popular messaging platforms, sometimes on channels with tens of thousands of subscribers, fascinated by their ease of use and light touch moderation. It turns out that the network of hackers who do is exploding. ..
Content was often similar to marketplace content on the dark web, a group of hidden websites that were popular with hackers and accessed using certain anonymous software.
Tal Samra, Cyber Threat Analyst at Cyberint, said:
“The encrypted messaging service is becoming more and more popular among threat actors who cheat or sell stolen data … because it’s easier to use than the dark web.”
Released in 2013, Telegram allows users to broadcast messages to their followers via “channels” and create public and private groups that others can easily access. Users can also send and receive large data files such as text files and zip files directly from the app.
According to SensorTower data, the platform has over 500 million active users and over 1 billion downloads in August.
However, its use by the underground world of cybercrime could increase pressure on Dubai-based platforms. Strengthen content moderation We are planning an initial public offering in the future and are considering introducing advertising to the service.
According to Cyberint, Telegram mentions “Email: pass” and “Combo” (a hacker term used to indicate that a list of stolen emails and passwords is shared). It has quadrupled over the past year to nearly 3,400.
In one public telegram channel called “combolist” with more than 47,000 subscribers, hackers sell or simply distribute large data dumps of hundreds of thousands of leaked usernames and passwords.
The post titled “Combo List Gaming HQ” provided 300,000 emails and passwords claiming to help hack video game platforms such as Minecraft, Origin, and Uplay. The other is that users of the service of the Russian internet group Yandex are said to have logged in 600,000 times. Others for Google and Yahoo.
Telegram deleted the channel on Thursday after being asked to comment by the Financial Times.
Still, email password breaches are just one of the worrisome activities in the Telegram market. Other types of data traded include financial data such as credit card information, copies of passports, bank accounts and site credentials such as Netflix. According to Cyberint, online criminals also share malicious software, exploits and hacking guides through apps.
Meanwhile, links to Telegram groups or channels shared within forums on the dark web began to direct users to the platform as a more user-friendly alternative or parallel information center in 2021. From 172,035 to over 1 million.
The study is as follows Another report earlier this year By vpnMentor, previous hacks and data breaches from companies such as Facebook, marketing software provider Click.org, and dating site Meet Mindful have shown that data dumps are circulating on Telegram.
“In general, most data breaches and hacks seem to be shared on Telegram only after they are sold on the dark web, or hackers can’t find a buyer and share the information publicly first. We decided to move on, “said vpnMentor.
Still, some users in these groups seem to be less tech-savvy than typical dark web users, pointing out the tendency for “serious escalations in the ongoing surge in cybercrime.” I dubbed it.
Telegram said it couldn’t validate vpnMentor’s findings because researchers didn’t share details identifying these suspected leak channels.
Samra said the migration of cybercriminals from the dark web to Telegram is partly due to the anonymity provided by encryption, but many of these groups are also open to the public. Said.
Telegram also offers more access, better functionality, and is generally less likely to be tracked by law enforcement when compared to dark web forums, he added.
“In some cases, it’s easier to find buyers on Telegram than on forums because everything is smoother and faster. It’s easier to access … And the data can be shared much more openly.”
According to Cyberint, hackers are less likely to use WhatsApp to display their numbers in group chats, unlike Telegram, for privacy reasons. He added that the encrypted app Signal remains small and tends to be used for more common messaging among people who know each other rather than forum-style groups.
Telegram has long taken a looser approach to content moderation than large social media apps like Facebook and Twitter, and has scrutinized to enable the prosperity of hatred groups and conspiracy theories. I did. In January, it’s Shutdown started For the first time, a group of public extremists and white supremacists amid concerns that it was being used to foster violence in the wake of the Capitol riots.
Cyberint’s research, especially the discovery of a publicly searchable group of cybercriminals, said CEO Pavel Durov is preparing to sell ads on public Telegram channels. At times, it raises further questions about Telegram’s content moderation policy and enforcement.
It also sold bonds to investors in March, including Mbadara Investment Company, a large Gulf Emirate sovereign wealth fund, and Abu Dhabi Catalyst Partners, a joint venture with Mbadara, for more than $ 1 billion. After procuring the sovereign wealth fund, it is preparing to go to the public market. And the $ 4 billion New York hedge fund Falcon Edge Capital.
“There is a policy to delete personal data shared without consent,” Telegram said in a statement. Every day, its “increasing power of professional moderators” added that following user reports, it would remove more than 10,000 public communities due to breach of service terms.
Telegram emerges as new dark web for cyber criminals Source link Telegram emerges as new dark web for cyber criminals