Do you want to obtain a username and password for your streaming favorite? Or is the reader truly someone crappy and you prefer the credit card and bank account information of a random stranger? You have it very close and very easy, on your mobile phone and just by doing a search in the popular messaging app Telegram.
The “Financial Times” medium, in collaboration with the security firm Cyberint, has published an investigation that confirms a transfer of common criminal activities on the Deep Internet to a much more accessible platform such as Telegram.
The app launched in 2013 by the Russian brothers Nikolái and Pável Dúrov accumulates one billion downloads and exceeds 500 million users.
What’s happening on Telegram?
According to the investigation, links to Telegram channels or groups with criminal activity from Deep Internet forums or Deep Web have gone from 172,035 in 2020 to more than a million so far in 2021.
It also estimates the recent increase in cybercrime on Telegram by 100%. An example, the number of mentions obtained in Telegram with the terms “Email: pass” and “Combo” have quadrupled to 3,400.
There is a growing network of hackers who open channels and groups on Telegram to share data leaks and tools of hack. They appear on the platform once they have been profited financially or when the hacker has not managed to output the leak on the Deep Internet. Sometimes they are old and with little to take advantage of, but it is also common to see recent ones.
And they can include credentials and other personal data from all kinds of platforms and services: streaming, bank accounts, credit cards, video game platforms, passport copies. But it is not the only thing that is shared, also malicious software, exploits and hacking guides.
Tal Samra, a cyber threat analyst for Cyberint, told the Financial Times that the migration that some cybercriminals are making to Telegram from the Deep Internet is due to the anonymity provided by its encryption.
It is true that Telegram allows end-to-end encrypted private chats between users and that, most importantly, they are communications that do not go through the company’s servers as happens with standard chats. In addition, the application allows the exchange of files of up to 2 gigabytes in size between users, including compressed zip files.
But the concern grows because a good part of the criminal activity reported in the investigation takes place on public channels and groups, accessible to any user with a simple search and that, sometimes, have tens of thousands of users.
How do criminals use Telegram?
The public activity of cybercriminals is explained by other advantages that Telegram offers in the area of privacy. Contrary to WhatsApp, groups do not show the phone numbers of the participants and each account can be configured to keep that information hidden from everyone’s eyes.
In fact, according to Cyberint, the tightening of privacy policies for Facebook and WhatsApp has also helped drive cybercriminal activity to Telegram.
Another fundamental factor is Telegram’s moderation policies, which are more relaxed than on the aforementioned platforms.
It is a criticism that the company has received since its inception and even so, in 2021, it is easy to find channels and groups with cybercriminal activity that have been open for years and continue to be accessible as normal.
The last reason for this growing trend is ease of access. Browsing the Deep Internet requires certain technological knowledge and the use of specific tools such as the TOR browser, capable of anonymizing the activity. But using Telegram is straightforward and even the most tech-savvy user will quickly find what they are looking for.
Shareholders and advertisers will force Telegram to improve its policies
This could change due to the future plans that the company has. Last spring, Telegram closed a financing round that reached 1,000 million dollars, plans to introduce advertising in the channels and will soon go public. Movements that should push the company to improve its moderation policies and fight cybercrime more effectively.
The Dúrov brothers have maintained the independence of their company for almost a decade and have resisted pressure from states and governments for whom a form of communication between citizens outside of their control is a problem.
Russia recently lifted the ban on using Telegram that it had maintained for two years without getting the Durovs to comply with the demand, demanded by the secret services, to be able to access encrypted private chats, although they have promised improvements in the control of extremist propaganda.
In any case, the future is much more demanding for a Telegram with shareholders and advertisers.
Rachel Maga is a technology journalist currently working at Globe Live Media agency. She has been in the Technology Journalism field for over 5 years now. Her life’s biggest milestone is the inside tour of Tesla Industries, which was gifted to her by the legend Elon Musk himself.