Search This Blog

Powered by Blogger.

Blog Archive

Labels

Here's Why Cybercriminals are Shifting Their Base from Tor to Telegram

The dark side of Telegram and how cybercriminals use the app to plan cyber attacks will be covered in this article as a new trend.

 

Cybercrime is a rapidly evolving field. Threat actors, ransomware gangs, malware authors, and others are quickly leaving the "traditional" dark web (Tor sites) and relocating to shady Telegram channels that are dedicated to crimes.

This article will look at the reasons threat actors are abandoning Tor and offer comprehensive advice on how to monitor Telegram conversations effectively. 

Why are threat actors switching to Telegram from Tor? 

The majority of cybercrime activity today takes place on contemporary social media platforms and outside of the conventional dark web. Numerous factors, including the monetization of cybercrime, increased law enforcement inspection of Tor sites, and the general slowness of Tor, contributed to the change. We will discuss each in turn.

Exit scams are rare 

The marketplace serves as a clearinghouse, which is both one of the main benefits and drawbacks of conventional dark web marketplaces. Usually, there is a 14-day hold on transactions during which the exchange keeps the cryptocurrency and the buyer can ask for compensation if they are defrauded. The problem is that market owners frequently store millions of dollars in cryptocurrencies at any given moment, which makes it very tempting to commit exit scams and steal the money held.

Modern social media features

Telegram has an edge over Tor websites in the following areas: 

Emojis, direct private chats, a phone app, and other nice-to-have features are among the many features that make Telegram one of the fastest and most popular modern social networking platforms. 

Even less technical knowledge is needed to locate cybercrime channels and complete transactions than with Tor, democratising the availability of cybercrime data.

Numerous platforms exist that give free "samples" of credentials, stealer logs, breach data, and other data that allow customers to quickly "validate" the efficacy of the vendors' solutions. 

Perceived privacy 

It is well known that law enforcement agencies closely monitor the sites, forums, and marketplaces on the Tor network. Users are aware that when they create a forum post or marketplace listing, it may be viewed by business security teams, several law enforcement agencies, and other parties.

In contrast, Telegram appears to offer perceived anonymity because of the vast number of channels dedicated to crimes, the lack of IP monitoring available to security and LE specialists, and the apparent transience of messages. 

Telegram channels for various forms of cybercrime 

Telegram channels typically focus on a single form of illicit activity, in contrast to older dark web marketplaces. A criminal may be able to purchase combolists, drugs, firearms, credit card details, and a variety of other illegal commodities on a dark web market. 

Bitcoin transactions 

Utilising third-party services, it is possible to send payments in bitcoin using the Telegram client. As a result, attackers can use the Telegram app to receive bitcoin payments. Despite the possible dangers, it's crucial to remember that Telegram is not inherently bad and can be used for good reasons as well. Telegram is a popular platform for collaboration and communication among people and businesses, and it can be a helpful tool for maintaining relationships. 

Nation state cyberterrorism 

Nation-state hacktivist channels make up the final group of channels that are very important for cybersecurity teams. Particularly since the start of the crisis in Ukraine, channels like Bloodnet, Killnet, Noname47, Anonymous Sudan, and others have experienced explosive growth in popularity. These channels frequently choose predetermined targets, frequently important infrastructure in NATO nations, and attempt to hack websites, DDoS crucial services, and leak company data. 

As a result of Telegram's high levels of privacy and anonymity, resilience to censorship, and potential for disseminating propaganda and false information, threat actors are increasingly choosing it as their preferred platform, which is concerning. Authorities and individuals must be aware of these threats and take action to safeguard both themselves and others.
Share it:

Cyber Crime

Data Safety

Online Hack

Telegram Messenger

Tor Site

User Privacy