It's not that secure, but it's easy to use and, at least for now, content moderation remains lax.
It has been promoted as an alternative to WhatsApp. The company that runs it has faced heavy criticism for not doing enough to cut down on revenge porn or fake vaccination cards. Now, a new study has found that Telegram is, surprisingly, an attractive home for cybercriminals.
The revelation comes from a Cyberint study for a Financial Times article. The cybersecurity firm found that hackers sell and share data leaks on Telegram because it is easy to use and not very moderate. In the past, these data dumps were largely the domain of the so-called "dark web", a kind of Western version of the Internet that can only be accessed through browsers and special logins. Hackers find the dark web attractive because it lives in a corner of the deep web - the part of the internet that doesn't appear in search engines, which is even more blocked against outside observers and intrusions.
All of these barriers have a price, of course: not everyone can access the dark web. This is where Telegram comes in. It's easy to download the app and create an account. The "secret" chats of the services use end-to-end encryption, for greater privacy. And while group chats don't have the same protection, you still need a link or invite to join. Telegram also allows for massive group chats of up to 200,000 users.
These characteristics have led to what Cyberint threat analyst Tal Samra called a "100% increase" in the use of Telegram among cybercriminals. "Your encrypted messaging service is increasingly popular with threat actors who conduct fraudulent activities and sell stolen data ... as it is more comfortable to use than the dark web. "
The outbreak of the movement towards Telegram was fueled, according to the study, by recent changes to one of the competing apps, WhatsApp, owned by Facebook. While Telegram and WhatsApp are popular destinations for those seeking more privacy in their digital communications (both platforms offer some form of end-to-end encryption), the new privacy policy, while under siege, has made the platform less attractive. unsightly goals.
Cyberint found that mentions of certain terms used by hackers when selling stolen emails and passwords "quadrupled" between 2020 and 2021. The FT story also mentions a (now removed) public channel called "combolist," the whose name is itself a reference to hacker terminology, where the data dumps have been sold or simply shared.
There were around 47,000 users on the channel when Telegram shut it down, a move that only happened after FT inquired about its existence. The Cyberint study also found that there is a market in Telegram for financial data, personal documents, malware and hacker guides, as well as online account credentials.
The dark web itself is fueling the growth of Telegram, Cyberint found. The firm's researchers noted a huge increase in links to Telegram destinations shared on dark web forums between 2020 and 2021, from just over 172,000 last year to over a million this year.
Telegram has not yet responded to a request for comment from Mashable, but the company told FT that its policy is to delete personal data when it is "shared without consent." Although with growing signs that the company is trying to make new money and eventually go public, one wonders how long its supposedly lax restraint will last.
.jpeg)
