Title: “Telegram Poses Security Risks: Report Highlights Growing Threats Beyond Privacy Concerns”
In a world where privacy and security concerns accompany popular messaging apps, Telegram stands out as a platform with a dual nature. While commonly used for friendly conversations and professional exchanges, it has gained notoriety for its exploitation by criminals and terrorists, almost serving as an accessible version of the dark web.
A recent report by Guardio delves into Telegram’s transformation into a thriving hub for cybercriminal activities. It highlights how both seasoned criminals and novices now utilize the platform to exchange illicit tools and insights, forming a dark and efficient supply chain for tools and victims’ data. The report identifies the easy availability of free samples, tutorials, kits, and even hackers-for-hire, facilitating the construction of comprehensive malicious campaigns.
Guardio’s research specifically focuses on the prevalence of phishing kits on Telegram, which are employed to launch attacks on both phones and PCs. The report notes the democratization of the phishing ecosystem, explaining that what was once exclusive to invite-only forums on the dark web is now openly accessible on Telegram through a simple search.
This accessibility has contributed to the proliferation of fraudulent emails targeting individuals, often posing as legitimate communications from banks or service providers. With over 700 million active monthly users, Telegram has become one of the world’s top five downloaded apps. While it has played a significant role in global pro-democracy movements, the report sheds light on the darker side of its widespread use, emphasizing the growing threats beyond concerns related to user privacy.
Illicit Telegram channelsGUARDIO
Telegram has long enjoyed a dedicated fan base, albeit somewhat on the fringes of mainstream usage. However, when WhatsApp faced challenges with Facebook in early 2021, Telegram witnessed a surge in installations, attracting a broader audience. Despite its reputation in dark web circles, Telegram emphasizes its security and privacy features, even though it falls short of WhatsApp’s default end-to-end encryption. Instead, Telegram relies on policy rather than technology to protect message content. In an era where platforms like Google Messages and Facebook Messenger prioritize default end-to-end encryption, this difference is notable.
While Telegram’s privacy features may raise concerns, the real threat lies in its susceptibility to malware. Mobile phishing is on the rise, exploiting the ubiquitous nature of mobile devices, the prevalence of remote and hybrid work, and the inherent vulnerability of mobile interfaces. Lookout points out that mobile devices, with their smaller screens, simplified interfaces, and hidden URLs, provide attackers with advantages, making phishing attacks more likely to succeed due to users’ tendencies to immediately interact with smartphone or tablet prompts.
Guardio highlights the ease with which users can encounter public channels, groups, and bots on Telegram, teeming with participants offering various products, services, tips, tricks, and knowledge. Notably, Guardio discovered a phishing campaign on Telegram targeting millions of Facebook business accounts. This campaign utilized Telegram channels to sell hijacked social accounts, including credentials and session cookies obtained through phishing and malware attacks.
Kaspersky had previously reported on a similar issue with Telegram, emphasizing that cybercriminals had turned the messaging app into a branch of the dark web. Phishers created Telegram channels to educate their audience about phishing techniques and engage subscribers with polls on personal data preferences.
Guardio’s report illustrates how potential cybercriminals can effortlessly set up phishing webpages, arrange hosting, and send out emails linking to their scams. The report details successful phishing attempts where victims clicked on fraudulent links and, in some cases, proceeded to log into counterfeit bank sites, resulting in compromised bank accounts.
Example scampage from TelegramGUARDIO
Telegram has faced controversy for hosting a range of content, including illicit and extremist material such as Hamas terror channels in the Middle East. Despite claims of banning such content, concerns persist about Telegram’s role in shielding illicit content from authorities. The platform’s campaign for legitimacy, particularly in comparison to WhatsApp, has focused on security and safety.
It’s important to note that while WhatsApp is owned by Meta, it provides end-to-end encryption, ensuring the security and privacy of sent content. If concerns about metadata tracking exist, Signal is an alternative with a strong focus on privacy.
Kaspersky has highlighted certain shortcomings in Telegram’s security features, suggesting that the platform may not be as secure as perceived. Telegram claims to actively moderate harmful content through a combination of proactive monitoring and user reports.
However, the absence of default end-to-end encryption in Telegram and its association with various controversial content may lead users to consider alternative messaging options. The decision ultimately depends on individual preferences and priorities regarding privacy and security.