$20K Buys Insider Access to Telegram Servers, Dark Web Ad Claims
In the ad, cybercriminals are offering to sell employee-level access to Telegram, researchers warn.
January 12, 2023
For the non-negotiable price of $20,000, threat actors claim they can provide insider access to Telegram servers running the encrypted instant messaging platform preferred by a security-conscious clientele.
The ad, posted on a Dark Web marketplace and discovered by the researchers of SafetyDetectives, boasts that the access is high-level and provided "through their employees."
Rather than providing remote access, the seller is hawking "an offering of correspondence for six months," the SafetyDetectives team added.
"It is impossible to say how many users, or Telegram servers, may be impacted," the report explained. "However, if the vendor’s claims are valid, an insider in the internal Telegram network would be able to exfiltrate logs and compromise user data."
Meanwhile, it seems Telegram might have a broader phishing problem.
Phishing Explodes on Telegram
The discovery comes on the heels of the release of new data from Cofense that shows that the abuse of Telegram bots exploded by 800% in 2022, driven by threat actors using malicious HTML attachments to deliver credential phishing attempts. Telegram bots are also attractive to spear-phishers because they're free and easy to set up and run.
"Threat actors appreciate the ease of setting up bots in a private or group chat, the bots' compatibility with a wide range of programming languages, and ease of integrations into malicious mediums such as malware or credential phishing kits," the Cofense report said. "Coupling the ease of Telegram bot setup and use with the popular and successful tactic of attaching an HTML credential phishing file to an email, a threat actor can quickly and efficiently reach inboxes while exfiltrating credentials to a single point using an often-trusted service."
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024