Don’t say it’s over: what happens now with cybercriminals on Telegram?

Don't say it's over: what happens now with cybercriminals on Telegram?

Now that Pavel Durov has announced that Telegram will hand over IPs to the authorities, are rats abandoning a sinking messaging platform?

Telegram founder and obnoxiously rich person Pavel Durov announced a major change to the messaging platform last week: Upon request, the platform will now share its users’ IP address with law enforcement agencies around the world.

Durov was arrested last month in France over allegations of lack of moderation on the platform that encourages criminal activity, and honestly, there is a lot of criminal activity on Telegram, from hacktivists and cybercriminals to drug traffickers and other organized crime elements.

So now that your safe space is no longer so safe… How will that criminal element, particularly hackers and their ilk, respond?

Well, some are planning to leave the platform altogether.

“Due to growing concerns about data privacy and security on Telegram, we are shifting our community interactions to Twitter .

“Telegram is no longer secure because it can compromise your private data.”

The group appears to have deleted their channel a couple of days after making that post.

Prolific DDoSers and Russian hacktivist group Killnet shared their thoughts on the decision to share IP, as well as Telegram’s decision to provide AI-based content moderation in Telegram’s search feature.

“On the one hand, you might think it’s cool. But we are getting closer and closer to the ideology of Instagram\WhatsApp\Facebook… whose ideology is not at all based on anonymity, an approach that Pasha [Durov’s nickname in his hometown of St Petersberg] has emphasized since the launch of Telegram,” Killnet said in a September 25 post on Telegram.

“Anonymity for whom, I would like to request. For journalists, whose numbers are no longer hard to find? For military channels that serve no one anyway? To exchange nude photos that can already be sent on other messengers?

The Killnet spokesperson noted that “everyone understood what audience Telegram attracted with its anonymity slogans” (i.e. hackers and other criminals) before offering advice on how to continue using the platform safely and other advice on how to avoid scrutiny. of the authorities.

According to data intelligence firm Flashpoint, cybercriminals across the platform are coming to similar conclusions.

“Threat actors flock to Telegram to communicate and coordinate all sorts of illicit activities, so the announcement that it will now provide some user data to authorities has shaken the cybercrime world. Criminal and extremist groups fear losing their safe haven, which is why Flashpoint is already seeing active conversations about the need to find alternative platforms,” said Tom Hofmann, head of intelligence at Flashpoint.

“If Telegram openly cooperates with authorities, we expect threat actors to split. Expect a short-term migration to other social platforms such as Discord, Signal and Matrix, although most will likely return to Telegram for centralized messaging purposes.”

Which appears to be more or less what ransomware-as-a-service operator Stormous is doing. In recent days, the group had to create a new channel on Telegram, citing “the closure of our previous channel by certain entities.”

“However, this is not an issue and will not affect any of our operations. We will now focus entirely on our sites on the Tor network,” Stormous said in a post from September 26, when his new channel was created.

“Telegram will simply serve as a gateway for certain people to learn about our latest victims or access our RaaS services.”

Leave a Reply

Your email address will not be published. Required fields are marked *