Telegram has become a playground for cybercriminals

Telegram
(Image credit: Telegram)

Privacy-centric messaging platform Telegram has been adopted as a dark web-style marketplace by the cybercriminal community, new research has shows.

Conducted by security firm Cybint in collaboration with the Financial Times, the research points to a sharp uptick in cybercriminal activity in Telegram channels, some of which have tens of thousands of members.

Cybercriminals are reportedly using the Telegram platform to peddle stolen data and hacking tools, and to share information about recent data leaks that could provide material for future attacks.

Telegram: The new dark web?

The rise in popularity of Telegram among cybercriminals has been attributed, at least in part, to the wave of new users that arrived on the platform earlier this year amid controversy about changes to the WhatsApp privacy policy. The latest estimates, courtesy of SensorTower, suggest Telegram now has upwards of 500 million users

Another factor that makes the platform attractive to cybercriminals is its simplicity, especially when compared with underground forums on the dark web, which have a smaller pool of users and are more fiddly to access.

“Due to the tools freely available to hide in the shadows, the dark web has slowly transitioned over to the open web as social media has a bigger shop front,” Jake Moore, Cybersecurity Specialist at ESET, told TechRadar Pro.

“The millions of users available on social media and channels such as Telegram mean that criminals have moved over to access the bigger pool of potential customers. And there is very little to be done to stop these marketplaces from cropping up.”

The Cyberint investigation revealed a 100%+ increase in cybercriminal activity on Telegram, (although the time-frame was not specified). Meanwhile, the use of terms such as “combo” and “email:pass”, which indicate complete sets of stolen credentials are available to purchase, in Telegram channels is said to have risen by more than 300%.

Many other types of personal data are also floating around on the platform, including banking credentials, credit card details and passport numbers.

The research findings put Telegram in a difficult position; the company must either compromise on its privacy-first principles and comparatively laissez faire attitude to moderation, or else allow criminal activity to proliferate on its platform.

TechRadar Pro has asked Telegram for comment on the research and for clarification with regards the steps the company is taking to squash illegal activity on its platform.

  • Take a look at our list of the best VPN services on the market

Via FT

Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Read more
Android phone malware
This nasty Android malware is posing as the Telegram Premium app
Telegram
New Golang malware is hijacking Telegram to help itself spread
Ransomware
Top ransomware gang's internal chat logs leaked online
Privacy
"Anonymity is not a fundamental right": experts disagree with Europol chief's request for encryption back door
QR Code
Hackers are targeting Signal with new QR code-linked cyberattack
Magnifying glass enlarging the word 'malware' in computer machine code
Microsoft Teams and AnyDesk abused to deploy dangerous malware, so be on your guard
Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over