Telegram is easier to find buyers and share stolen data than darknet forums.
Telegram is rapidly gaining popularity among cybercriminals as a platform for the sale and exchange of stolen data and hacking tools. This is the conclusion reached by the specialists of the information security group Cyberint based on the results of an investigation conducted in conjunction with the Financial Times.
According to Cyberint analyst Tal Samra, recently the use of Telegram by cybercriminals has increased by 100%.
“An encrypted messaging service is becoming increasingly popular among fraud and data selling attackers […] because it is more user-friendly than the darknet,” Samra explained.
According to Cyberint, the number of mentions of the terms “Email: pass” and “Combo”, denoting stolen credentials for sale, in Telegram has quadrupled over the past year and reached about 3.4 thousand.
On one of the public Telegram channels called “combolist”, with more than 47 thousand subscribers, hackers sell or exchange large amounts of data, including hundreds of thousands of leaked passwords and logins.
The publication titled “Combo List Gaming HQ” offers 300,000 passwords for Minecraft, Origin and Uplay users. Another publication offers 600,000 Yandex usernames. Telegram removed the channel on Tuesday, September 14, after the company approached the company for comment.
Other data sold includes financial information such as payment card details, copies of passports, and online banking credentials, as well as other services like Netflix.
The number of links to Telegram channels and groups published on hacker forums on the darknet has increased from 172,035 in 2020 to over 1 million in 2021. As Samra explained, the transition of cybercriminals from the darknet to Telegram is partly due to the anonymity provided by encryption. However, many groups and channels are open.
Among other things, compared to the darknet, Telegram is more accessible, provides convenient functionality, and there is less chance that its users will be tracked by law enforcement agencies. In some cases it is much easier to find buyers on Telegram than on hacker forums, and access to data is easier.
According to Telegram, the company has a “policy for deleting personal data transferred without consent.” Moreover, the “ever-growing number of professional moderators” of the service are removing more than 10,000 public communities every day for violation of the terms of service based on user complaints.
Catch up on more articles here
Follow us on Twitter here