
The Dual Nature of Telegram: From Protest Tool to Platform for Criminal Activity

 

Telegram, a messaging app co-founded by Pavel Durov in 2013, has become one of the world’s largest communication platforms, with over 900 million users. The app’s dual nature has recently put it in the spotlight after Durov was arrested in Paris on August 24, reportedly at the request of a special unit within France’s Interior Ministry that investigates crimes against minors. This incident has sparked renewed scrutiny of Telegram’s role in global communications. 

Initially, Telegram was created in response to the Russian government’s crackdown on pro-democracy protests in 2011 and 2012. The app’s primary selling points—encryption of communications and user anonymity—made it an attractive tool for activists worldwide. Telegram gained notoriety during the 2020 Belarus protests against a rigged presidential election, where activists used it to coordinate actions while evading government surveillance. Similarly, during Iran’s 2018 anti-government protests, Telegram was crucial for organizing and sharing uncensored information, attracting an estimated 40 million users in the country. The app’s ability to facilitate communication under oppressive regimes highlighted its potential as a tool for free expression and resistance. 

However, Telegram’s lack of moderation, combined with its security features, has also made it a haven for criminal activity. Its encryption and anonymity appeal to drug dealers, pedophiles, and those trading illegal goods. A 2019 BBC investigation found that criminals were using Telegram to distribute child sexual abuse material and stolen credit card information, often embedding links to illegal content within public comments on YouTube videos. Telegram’s relaxed policies have made it easier for users with malicious intent to exploit the platform. Additionally, Telegram has become a powerful tool for disinformation, particularly in Central and Eastern Europe. A 2023 investigative report identified the app as the largest platform for disinformation in the region, with German-language channels playing a significant role in influencing extremist opinions.

Since Russia’s invasion of Ukraine in 2022, the Kremlin and affiliated groups have increasingly used Telegram for propaganda, recruitment, and fundraising. Pro-Russian channels experienced a surge in subscribers, turning Telegram into a key communication tool for the conflict. The app’s dual role has drawn global attention, especially as Durov’s case unfolds in France. Telegram defended its stance by arguing that holding an owner responsible for all platform activities is “absurd.” 

Yet, this controversy highlights the broader challenge of balancing privacy and free speech with the need to combat illegal and harmful activities online. As authorities grapple with these issues, the future of Telegram remains uncertain, balancing its potential for good against the misuse by those with nefarious intentions.

Heightened Hacking Activity Prompts Social Media Security Warning

 


Social media can be a great way to keep in touch with family and friends and to stay updated on recent news and marketing opportunities, and the platforms provide privacy and security settings for users to manage. However, it is important to abide by these settings to keep information safe.

When social media is used improperly, it can introduce several risks to a person's personal information, as online criminals are devising new and in-depth methods for exploiting vulnerabilities more frequently than ever before. There are many things users need to know about keeping their Facebook, X and Instagram accounts secure - from finding out how accounts are hacked, to recovering accounts. 

When fraudsters gain access to the details of users' accounts, they can take advantage of their contacts, sell their information on the dark web, and steal their identity. According to reports by Action Fraud, some victims of email and social media hacking have been extorted by criminals who stole their private photos and videos. Nine out of 10 of the people who participated in the survey (89%) stated that they knew or were aware of people whose profiles had been compromised, and 28% said they knew at least five to ten people who had been hacked.

The survey found that 15 per cent of the respondents knew someone who was hacked on social media more than ten times. With 76% of respondents indicating they have increased concerns within the last year compared to the previous year, it appears that the fears are growing.

What scammers do to hack accounts

Fraudsters can access online users' accounts in a variety of ways to gain access to their money.

Users who discover that one of their accounts has been hacked may wonder how the attackers managed to gain access. There are times when hackers breach a system that holds highly confidential data about a person. Fraudsters then use this information to gain access to that person's accounts.

Phishing attacks are designed to entice users into divulging their details by impersonating legitimate companies and including links that lead to malicious websites that can harvest their data. Once users enter their information on the website, they may also end up downloading malicious code to their devices that steals their information.

A chain hack on a social media platform involves a fraudster posting links to dubious websites in the comment section of a post. After the victim clicks on the link, the fraudster asks them to enter their social media account details, which gives the fraudster access to the victim's account information. Fraudsters have also been reported to send messages impersonating one of the victim's contacts in an attempt to get the victim to share their two-factor authentication code.

Credential stuffers are hackers who use credentials they have previously obtained to access other accounts belonging to the same person. Shoulder surfing is when a scammer watches a user log into an account. Users may also download a malicious app to their phones that installs malware on their devices, enabling the fraudster to steal the username and password for their account and use it to steal their money.

Users whose accounts have been hacked should beware of recovery scammers who contact them on social media and say they can retrieve the account if only the user follows their instructions. This is just another scam that users must not fall victim to; the scammers would not be able to recover the account.

Find out who to contact to get help with a hacked account by going to the help page of the account provider. Users should log out of their accounts on all devices and change their passwords. They should also check their email accounts for any new rules or settings that may have been set up without their explicit authorization.

Such changes could redirect emails about their accounts. Users should promptly notify their contacts of a potential security breach and advise them to exercise caution, as messages that appear to come from them may not be legitimate.

US Criminals Responsible for Widespread Credit Card Fraud

 

In a case that sounds like a script, US criminals stole more than $1 million by using hundreds of credit cards that were advertised for sale on the dark web. A portion of the details surrounding this complex criminal enterprise have become public after a federal indictment by the U.S. Department of Justice.

The defendant in the case of United States v. Trevor Osagie admitted to planning to steal credit card data between 2015 and 2018. Osagie worked with a gang of robbers to cause damages totaling more than $1.5 million. 

At least 4,000 people were affected. Osagie could be sentenced to up to 30 years in prison and must pay a $1 million fine, according to Bleeping Computer. May 25, 2023, has been designated as the judgement date. The top search engines do not index the websites and services found on the dark web, and only obscure methods are used to access them. The dark web isn't always used for illegal activities, but because of its encryption and anonymity, criminals are drawn to it. 

Using the dark web, Osagie was able to recruit and supervise additional conspirators who played different roles in the fraud. Hamilton Eromosele is charged with leading a criminal organisation that used social media to identify "employees" who would use stolen credit cards to make expensive purchases.

Ismael Aidara then opened fake bank accounts and credit cards while Malik Ajala provided the stolen card information. There are six additional characters in this story, all of whom went to the US to participate in any activity requiring their actual presence. All of those named in the indictment entered guilty pleas, demonstrating the prosecution's strong case.

This is what happened. Members of this criminal network used stolen credit and debit card information from the dark web to purchase flights to the United States, rentals, and lodging. As the shopping spree continued, expensive items and gift cards would be purchased.

Social media posts promoted travel and enormous profits to the "workers" who travelled and purchased items for other group members. A portion of the funds was given to the criminal organisation. The police caught the criminals after a chaotic three-year rampage.

FBI Warned Against a Canadian Indicted for Attacks Against US and Canada

 

The FBI and the Justice Department unveiled warrants today charging 31-year-old Canadian Matthew Philbert with a variety of ransomware-related offenses. On Tuesday, authorities from the Ontario Provincial Police made a public statement in Ottawa to disclose the charges and Philbert's arrest. 

U.S. Attorney Bryan Wilson of the District of Alaska said in a statement that Philbert “conspired with others known and unknown to the United States to damage computers, and in the course of that conspiracy did damage a computer belonging to the State of Alaska in April 2018.” 

Canadian officials received assistance from Dutch authorities and Europol in this case; Canadian authorities also charged Philbert, stating that he was apprehended on November 30. Authorities did not specify which ransomware gang Philbert was a member of or which operations he is responsible for.

"Cybercriminals are opportunistic and will target any business or individual they identify as vulnerable," stated Deputy Commissioner Chuck Cox of the Ontario Provincial Police. 

Philbert is charged with one count of conspiracy to commit fraud as well as another count of fraud and associated activities involving computers. 

Cox stated during the press conference that the FBI alerted officials in Ontario to Philbert's activities, which also included ransomware cyberattacks on businesses, government entities, and individual citizens. Police further stated that they seized multiple laptops, hard drives, blank cards with magnetic stripes, and a Bitcoin seed phrase while Philbert was being arrested.

In January, authorities in Florida apprehended another Canadian individual in connection with several Netwalker ransomware attacks. According to the DOJ, Sebastien Vachon-Desjardins made around $27.6 million through various ransomware attacks on Canadian companies such as the Northwest Territories Power Corporation, the College of Nurses of Ontario, and the Canadian Tire business in British Columbia.

Some people believe that ransomware attacks originated in Russia or the Commonwealth of Independent States, according to Emsisoft risk analyst Brett Callow, a ransomware expert located in Canada. 

Whereas the ransomware was "made" in certain countries, Callow pointed out that the people who use it to carry out attacks could be located elsewhere. 

"In fact, there's so much money to be made from ransomware, it would be extremely surprising if individuals in countries like Canada, America, and the UK hadn't entered the market. Those individuals may, however, be sleeping a little less well at night than they used to. In the past, there was a near-zero chance of them being prosecuted for their crimes, but that's finally starting to change," Callow said.

This Aspiring Hacker was Caught in a Quite Embarrassing Manner

 

The US Department of Justice (DoJ) has arrested a Ukrainian citizen for using a botnet to hack people's passwords. He was caught through his alleged messages to vape shops in Ukraine, including an invoice with his home location.

Glib Oleksandr Ivanov-Tolpintsev is accused by the Department of Justice of deploying a botnet to break passwords of targeted individuals, which he subsequently sold on the dark web. According to his indictment, Ivanov-Tolpintsev made over $80,000 from the operation. 

The press release from the DoJ reads, “During the course of the conspiracy, Ivanov-Tolpintsev stated that his botnet was capable of decrypting the login credentials of at least 2,000 computers every week...Once sold [on the dark web], credentials were used to facilitate a wide range of illegal activity, including tax fraud and ransomware attacks.” 

On October 3, 2020, Polish police arrested Ivanov-Tolpintsev in Korczowa, Poland, and he was extradited to the United States to face prosecution for these offenses.

Amateur Blunders 

According to an IRS affidavit, investigators tracked down Ivanov-Tolpintsev by looking at the contents of the Gmail accounts he used to conduct his dark web activities. 

Many digital receipts from online vape shops were sent to one of these accounts, revealing Ivanov-Tolpintsev's name and contact information.

Furthermore, Ivanov-Tolpintsev's normal email account was set as the recovery address for these accounts. Exploring the contents of his regular account revealed a plethora of personally identifying information, including passport scans and photos stored in Google Photos.

The government was able to assemble enough evidence to convince a court to order Ivanov-Tolpintsev's arrest and extradition because of his carelessness in separating his criminal digital identity from his physical one.

Although the investigators haven't revealed much about Ivanov-Tolpintsev's botnet, the case highlights the dangers of depending solely on a password to protect an account.

Since breaking and auctioning passwords on the dark web may lead to significant attacks like the one on the United Nations, security experts have been urging the adoption of multi-factor authentication (MFA) systems.

An Indian Firm Facing 1,738 Cyber Attacks A Week On Average, Claims Report


A report published on Thursday claimed that Indian organizations faced 1,738 cyberattacks per week on average over the last six months, compared to 757 attacks per organization globally.

According to the report by Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies, some of the Indian industries that have been most vulnerable in the last six months include government/military, education/research, insurance/legal, manufacturing and healthcare institutions.

Malicious actors continue to exploit data related to the Covid-19 pandemic, and ransomware attacks have increased by 93 percent globally, said the 'Cyber Attack Trends: 2021 Mid-Year Report'.

The figures show that the APAC region witnessed the highest number of cyber-attacks, with around 1,338 institutions being vulnerable to cyber-attacks, followed by EMEA at 777 and the Americas at 688.

"In the first half of 2021, cybercriminals have continued to adapt their working practices to exploit the shift to hybrid working, targeting organizations' supply chains and network links to partners to maximum disruption," said Maya Horowitz, VP Research at Check Point Software.

"This year cyber-attacks have continued to break records and we have even seen a huge increase in the number of ransomware attacks, with high-profile incidents such as Solarwinds, Colonial Pipeline, JBS, or Kaseya," she added.

Despite the continuous efforts by various governments and law enforcement agencies, ransomware attacks are likely to grow rapidly in the coming months of 2021.

"Ransomware attacks will continue to proliferate despite increased investment from governments and law enforcement, especially as the Joe Biden Administration makes this a priority," the report added.