The FBI keeps shutting down criminal communities on the dark web. So tech-savvy thieves have migrated to a new online space: Telegram.
Telegram, the fast-growing instant messaging app, has shaken up the world of social media. Users prize the platform for its encryption technology. And that has made it the tool of choice for privacy-conscious web users.
But those same privacy features have also attracted some shady characters.
Telegram now serves as the go-to chat app for criminals, political extremists, and other bad actors. And some experts have even labeled Telegram the new dark web.
But exactly what is Telegram? And why should you start following this site? Let’s dive in.
What is Telegram?
Telegram is a messaging app, similar to WhatsApp or Facebook Messenger. Launched in 2013, it has become popular among users skeptical of Silicon Valley’s offerings — part of the broader “alt-tech” movement. Today, the service claims to have over 500 million active users.
Privacy represents the app’s unique selling proposition. When users activate “Secret Chat” mode, Telegram encrypts communications from end to end. Users can also configure messages to self-destruct after a set time.
These features make it almost impossible for an outside party to eavesdrop on conversations between two individuals.
Additionally, Telegram has few ties to the big social networks. And founder Pavel Durov has refused to sell customer data to marketers for targeted ads. So while the app still collects user meta-data, this information is far less likely to end up in the hands of third parties.
But “Group Chats” probably ranks as Telegram’s most popular feature. Rival WhatsApp has historically limited groups to only 256 users. In contrast, group chats on Telegram, called channels, can support hundreds of thousands of participants.
Topics range from quotes and memes to politics or video games. And essentially this feature has turned Telegram into a social network in its own right.
These privacy features, however, have attracted controversies.
In its early days, ISIS exploited the app as a recruiting tool. Though it should be noted Telegram has cracked down on extremists exploiting the platform.
Still, Telegram serves as a haven for various fringe communities, especially groups booted from more mainstream platforms. And it doesn’t take much sleuthing through the app to uncover hate groups and conspiracy theorists.
This represents a headache for governments. Several authoritarian regimes, such as Iran and Russia, have banned the app in their countries. And in June, German authorities sued Telegram, demanding more transparency and co-operation with European law enforcement agencies.
The Dark Web of the Future?
Law enforcement agencies have a good reason to be skeptical.
In addition to extremist groups, the app has become a favorite tool for organized crime. Some cybersecurity experts have even labeled Telegram the new dark web.
Historically, criminals have exploited a collection of encrypted websites unlisted by search engines. This network, nicknamed the dark web, has served as a place to leak sensitive or stolen data, market illegal products and services, and recruit co-conspirators for criminal activities.
But operating on the dark web has its drawbacks.
Firstly, accessing these communities requires some technical expertise. To navigate the dark web safely, users need to download a specialized browser while masking their online footprints from authorities. That limits access to these groups to most tech-savvy criminals.
Moreover, the anonymous nature of the dark web leaves sites especially vulnerable to distributed denial of service attacks. That can take down forms for weeks at a time.
Operating on Telegram, in contrast, doesn’t have any of these problems.
To begin with, getting started requires only basic technical expertise. You can download the service on any major app store.
And navigation is no more complicated than using any mainstream social network. No PhD in computer science required.
Furthermore, running a criminal enterprise on the app presents fewer technical challenges. Telegram channels are immune to the distributed denial of service takedowns that plague other criminal sites. If a channel does go dark, a new page could be up and running in minutes.
Combined with Telegram’s other encryption features, it’s no surprise to see criminals flocking to the service.
By design, the app means content moderation is almost impossible. That makes it the perfect medium for bad actors to conduct their online activities.
What Can You Find on Telegram?
Malicious channels on Telegram structure themselves in the same way you would find criminal sites on the surface or dark web. Users organize forms based on the type of illegal product sold or activity conducted.
So what kind of threats can security analysts find?
Leaked Data: Some channels specialize in exchanging stolen data. Popular commodities sold include login credentials, banking information, and credit card numbers. Users also freely discuss fraudulent techniques and methods to exploit the latest data breaches. Hacked databases, including those of numerous Fortune 500 companies, circulate daily on the site.
Criminal Tactics and Techniques: Other channels specialize in sharing educational information. It’s easy to uncover hacking tutorials, fraud techniques, and how-to guides. Criminals also discuss the anti-theft measures employed by specific retail outlets and methods to evade them.
Violent Threats: Extremist groups regularly circulate “enemies” lists, alongside violent threats. These lists often include politicians, executives, and celebrities.
Insider Threats: Telegram has emerged as a popular platform to recruit corporate insiders for criminal activities. Tasks include leaking confidential data, selling company uniforms, or granting unauthorized access to secured facilities. Jobs also often come with high advertised salaries. That can make them attractive options for any disgruntled employees or workers in a dire financial situation.
Counterfeits: Counterfeiting runs rampant on Telegram. A simple search will reveal a large number of groups and accounts selling knock-off products, such as electronics, designer clothes, and luxury watches. In other cases, criminal outfits have impersonated the official pages of established brands in order to dupe unsuspecting customers.
The Bottom Line on Telegram
Telegram’s rise, especially among criminal outfits, should worry everyone.
As mentioned, getting started requires minimal technical expertise. And unlike other messaging apps, few restrictions allow anyone to stumble upon illegal forms.
So it’s not hard to imagine Telegram increasing the general level of criminality in society.
Moreover, Telegram seems to be stealing market share from the dark web as the go-to place for criminals to conduct their online activities. And that migration seems to be accelerating year by year.
For security teams, that will make this site an ever more valuable source of threat intelligence.
And analysts not paying attention to this app could overlook critical threats to their organization.