Surge in cybercrime on Telegram highlights security concerns
Kaspersky has reported a significant increase in cybercriminal activities on the messaging platform Telegram.
According to the company's Digital Footprint Intelligence team, there has been a 53% surge in posts related to cybercrime between May and June 2024 compared to the same period in 2023.
Cybercriminals are using Telegram to discuss fraud schemes, distribute leaked databases, and trade various criminal services such as cashing out, forging documents, and orchestrating DDoS attacks. Alexey Bannikov, an analyst at Kaspersky Digital Footprint Intelligence, elaborated on the platform's attractiveness to cybercriminals.
"The growing interest in Telegram from the cybercriminal community is driven by several key factors. Firstly, this messenger is very popular - its audience has reached 900 million monthly users, according to Pavel Durov. Secondly, it is marketed as the most secure and independent messenger that does not collect any user data, giving threat actors a sense of security and impunity," he said.
Telegram's low barriers to entry contribute to its popularity among cybercriminals. Bannikov noted, "Someone with malicious purposes simply needs to create an account and subscribe to the criminal sources they can find as they are already part of this criminal community." Unlike more restricted dark web forums, Telegram lacks a reputation system, which leads to a higher incidence of scammers within its cybercriminal space.
Another emerging trend is the use of Telegram by hacktivists to make statements and coordinate attacks. Due to its extensive user base and the ability to distribute content rapidly through channels, hacktivists utilise the platform to incite DDoS attacks and other disruptive actions against targeted infrastructures. They can also release stolen data from attacked organisations into the public domain via shadow channels.
In response to these troubling developments, Kaspersky Digital Footprint Intelligence has published a playbook to track shadow market activities and manage data-related incidents. This resource aims to help enterprises mitigate the associated cyber risks.
Cybercriminals' increasing use of Telegram as a platform for their illicit activities raises questions about the app's role in facilitating cybercrime. The rise in activity highlights the need for better monitoring and security measures to prevent and mitigate these risks.
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyber threats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's security portfolio includes leading endpoint protection, specialised security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats.