Cybercrooks are Switching to Telegram

posted by janrinok on Friday June 08, @05:51PM   Printer-friendly
from the perhaps-the-Russians-knew dept.
Arthur T Knackerbracket has found the following story:

Underground cybercrime marketplaces are in decline because cybercrooks have begun switching to chat channels to trade illegal goods, according to a new report.

The climate of fear and mistrust following the AlphaBay and Hansa takedowns in July 2017 has resulted in crims switching tactics and using less convenient decentralized platforms, such as Telegram, according to research from Digital Shadows.

The paper, titled "Seize and Desist", claimed the cybercriminal community has instead fallen back on alternative ways to conduct transactions across decentralized markets and messaging networks such as Telegram.

Alongside this, digi crooks have adapted their processes to increase the security, reliability, and trust of existing sites. These trends predate the AlphaBay and Hansa takedowns, but have become more acute as the marketplace model continues to struggle.

AlphaBay was a big player in the underground market - particularly for English-language speakers - and its demise left a gap. No single marketplace has risen to the top. Mistrust and fear are rife, and, alongside hidden financial costs associated establishing a new market, this has prevented a new one from flourishing, the infosec firm said.

Telegram in particular is proving increasingly popular as an alternative. Digital Shadows said that over the last six months, its analyst teams detected over 5,000 Telegram links shared across criminal forums and dark websites, of which 1,667 were invite links to new groups. These covered a range of services, including cashing out, carding and crypto currency fraud.

  • (Score: 3, Insightful) by frojack on Friday June 08, @06:04PM (1 child)

    by frojack (1554) Subscriber Badge on Friday June 08, @06:04PM (#690427) Journal

    Governments want to get rid of Telegram and Signal.

    Step One.
    Demonize.

    Step two.
    Search warrants for mere presence [cnbc.com] of the app.

    Step Three. Block them all [theguardian.com] and let god sort it out.

    Step four.
    Hire the Israelis to hack it [southfront.org] some how.

    Step five.
    Start seizing servers.

    • (Score: 0) by Anonymous Coward on Friday June 08, @06:29PM

      by Anonymous Coward on Friday June 08, @06:29PM (#690441)
      Doesn't WhatsApp have secure endpoint encryption that such people could rely on?

      Or no longer after Facebook bought it? Just like what Microsoft did to Skype? ;)

      Is that where some of the trillions of missing military spending go to? Facebook and Google "ads"? ;)

  • (Score: 0) by Anonymous Coward on Friday June 08, @06:15PM

    by Anonymous Coward on Friday June 08, @06:15PM (#690432)

    That one ancap troll is actually just sending out coded orders! Occasionally they need multiple orders which is why you see the same comment spammed multiple times. Hiding in plain is often quite effective.

