Telegram has been found to have security weaknesses.
Scammers have been overwhelming the messaging app with their software.
Telegram users are experiencing an increase in phishing attacks, with bots being the primary method used by attackers. The number of attacks on business accounts has also doubled in the past year, and the latest news and new authorization methods in the app pose risks.
Cybersecurity experts are noticing a rise in incidents within the Telegram messaging app. Phishing has become one of the main methods of fraud in the app, especially in Russia, and is linked to the growth of its audience.
According to Cofense, an American group fighting cyberattacks, phishing activity in Telegram increased by 800% in 2022, with bots being the primary tool used by attackers.
Group-IB has identified at least 1,000 fraudulent groups operating on Telegram in Russia, including 34 active Russian-speaking groups distributing programs used to steal user accounts. Each group chat typically has around 200 participants, according to Evgeny Egorov, Leading Analyst at Group-IB's Digital Risk Protection Department.
Many users of the messenger have encountered schemes where attackers attempt to steal accounts using fake resources, according to Olga Svistunova, a content analyst at Kaspersky Lab.
Phishing messages and malicious attachments are being used to steal credentials and gain control over popular channels and groups in the app. Bots are often utilized to compromise victim accounts, says Ekaterina Semykina, an analyst at Positive Technologies research group.
One recent high-profile phishing attack involved distributing a supposed premium subscription to Telegram at the end of December 2022, allowing attackers to gain access to victims' accounts upon activation.
Scammers used a similar mechanism with online voting, asking 'friends' to participate. Another incident involved the distribution of a 'new list of mobilized', which resulted in data theft via the link.
The blocking of Instagram and Facebook in Russia led to an increase in Telegram's audience, which in turn led to new fraudulent schemes. The theft of monetized Telegram channels has become more common, and the number of attacks on businesses using the app as an additional channel doubled in 2022, according to Anti-Phishing director Sergey Voldokhin.
Evgeny Antipov, the owner of the Eye of God Telegram bot, believes that the new method of authorization in the messenger carries more risks and poses a more serious danger to users than phishing. In mid-2022, Telegram stopped sending the authorization code via SMS: logging in to a PC client or browser now requires an activated messenger client on a mobile device, where the code is sent. An attacker, for whom it is important to get into the victim’s Telegram account, can hack an account if he sets up call forwarding to his phone number, confirming his identity for the victim, Evgeny Antipov believes: “for this, it is enough to use the passport data that can be found in databases published by hackers in 2022.”