Attackers are increasingly using Telegram to discuss illegal activities. According to Kaspersky Digital Footprint Intelligence, in May-June 2024, the volume of messages in Telegram shadow channels increased by 53% compared to last year. These channels and groups discuss scams and data leaks, and offer questionable services such as money-extraction, collecting information from closed databases, falsifying documents, and conducting DDoS attacks.
Telegram’s popularity among cybercriminals is due to several factors. First, the messenger is widely used and trusted, and its user base reaches 900 million monthly active users. Second, Telegram is known for its high security and anonymity, which makes it attractive for creating and participating in closed communities.
Analysts note that cybercriminals operating on Telegram are generally less technically advanced and experienced than participants on more closed darknet sites, due to the relative ease of joining Telegram shadow communities and the absence of the complex controls and reputation systems seen on other shadow forums.
Telegram is also actively used by hacktivists to express their views and organize protests. This messenger provides fast information transfer and allows you to distribute content, including materials for DDoS attacks and stolen data. At the same time, blocking shadow channels is not always effective, as new channels are created to bypass security measures.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
