The messaging app Telegram stands for privacy and encryption as its main features. But these features are being abused by cybercriminals who are increasingly thriving on Telegram.
According to a report by cybersecurity firm Cyberint for the Financial Times, hackers are moving from the dark web to Telegram to sell and share stolen or leaked user data. Telegram was chosen because it is easy to use and not strictly moderated.
This application made by Pavel Durov also has a secret chats feature that uses end-to-end encryption as an additional privacy feature. Even though Telegram groups don't have the same features, users still need to have a link or invitation to join. Telegram groups can also be filled with up to 20,000 members.
These features are what make Telegram ogled by cybercriminals. Cyberint analyst Tal Samra said the use of Telegram for cybercrime activity increased by more than 100%.
"His encrypted messaging service is increasingly popular among cyber threat actors who carry out fraudulent activities and sell stolen data ... because it is more convenient to use than the dark web," said Samra, as quoted from Mashable, Monday (20/9/2021).
The move of cybercriminals to Telegram was also influenced by WhatsApp. Telegram and WhatsApp were previously chosen by users because they offer a higher level of privacy thanks to end-to-end encryption.
But WhatsApp recently released its latest controversial privacy policy. Many users have also moved to Telegram, including cyber criminals.
In its report, Cyberint found that the hacker terms 'Email:pass' and 'Combo' are increasingly being used on Telegram, even quadrupling in 2020 and 2021.
They also discovered a public channel called 'combolist' which was used to sell and share stolen personal data. The channel once had around 47,000 members and has now been removed by Telegram after receiving a report from the Financial Times.
Some channel data dumps on Telegram contain between 300,000 to 600,000 email and password combinations for gaming and email services. Cyberint also found channels used to sell financial information, personal documents, hacking guides, and more.
In an official statement, Telegram said they have a policy to delete personal data that is shared without permission. Telegram also claims their moderators delete 100,000 public communities that violate their rules every day
