Report: Telegram “Cybercrime Ecosystem” Rivals the Dark Web, but Much Easier to Access

by | Feb 20, 2023

A cybercrime ecosystem is firming up on Telegram, and the scope of services it offers is growing to rival dark web forums, according to a report from cybercrime intelligence firm KELA. But Telegram is easier for the average person to access, and its hundreds of millions of users may only be a simple search away from these offerings.

There are now listings on Telegram for everything from stolen personal information to illegal drugs and weapons. While it is natural for criminals to use any encrypted messaging app for these purposes, Telegram offers some unique features that have made it a top choice as a dark web substitute.

Cybercrime ecosystem built on Telegram signup, communication options

Telegram is not the only encrypted messaging app that has a burgeoning cybercrime ecosystem; activity of this sort is also present on Discord, and a variety of smaller alternative apps that are not owned and run by big tech companies. Telegram appears to be the leading choice, however, due to both the size of its user base and some features that similar competitors do not offer.

It does not have the same breadth of offerings that the dark web has at present, and major criminal gangs often do not maintain a similar presence (particularly the big ransomware-as-a-service outfits). But Telegram has become a viable competing market for certain types of cyber crime, such as the sale of personal and banking information taken in data breaches. It is also highly popular for the illicit sale and shipping of physical goods.

This is not to say that service providers are not hawking their wares in this cybercrime ecosystem. One can find all sorts of services related to credit card fraud available, and there are some ransomware gangs with storefronts set up as well (though Lapsus$ is the only “big name” of the bunch as of yet).

The platform is also quite popular with hacktivists, particularly those involving themselves on either side of Russia’s invasion of Ukraine. Killnet, which recently made news for its attacks on hospitals and the UK’s Royal Mail service, is the biggest of these groups that conduct business on Telegram.

Encrypted app open to law enforcement, but staying anonymous is easy

Encrypted messages on Telegram are not totally safe from outside investigation, and the company cooperates with law enforcement in certain types of cases. This does not appear to be slowing down participation in the cybercrime ecosystem, however. It’s easy to sign up without using a personal phone number, and one can log into the app via a web interface on a computer.

Telegram also allows for the creation of much larger private groups than any similar app. It also has an open API that allows for all sorts of added functions and bots to be put to use. And it allows attachments of up to 2 GB in size.

The user base of the app is also very appealing. The largest of the messaging apps have billions of users, but are no good for cyber crime due to various built-in restrictions and active policing by the big tech firms behind them. Telegram is pushing close to those numbers, with about 700 million users, and is far ahead of any comparable “alternative” privacy-first messaging app in this area.

Recent Posts

How can we help?

15 + 10 =

× How can I help you?