An investigation by security researchers has revealed that cybercriminals are exploiting Telegram’s encryption (opens in new tab) capabilities to sell illegal goods.
Cybersecurity (opens in new tab) experts from NortonLifeLock (opens in new tab) found evidence of a thriving illegal marketplace on Telegram where unscrupulous users hawk everything from Covid-19 vaccines and personal information, to pirated software and fake IDs.
Encrypted chat apps have gained popularity in recent times and are slowly entering the mainstream, displacing incumbents such as WhatsApp (opens in new tab), as users warm up to their privacy-centric advantages.
- These are the best firewall apps and services (opens in new tab)
- We've put together a list of the best endpoint protection (opens in new tab) software
- Here's our choice of the best malware removal (opens in new tab) software on the market
“Scammers, fraudsters and hucksters of illegal goods are usually ahead of the curve on the latest technologies to provide a good experience for their customers. Therefore, we often see these actors as early adopters of popular technologies,” notes NortonLifeLock in a blog post sharing details of their investigation.
Illegal marketplace
The researchers argue that cybercriminals misuse Telegram (opens in new tab)’s strong anonymity protections to engage in such nefarious activities and communicate with customers without fear of law enforcement.
One of the most popular genres of illicit goods according to NortonLifeLock are fake documents and personal information, including social security numbers, home addresses, phone numbers, bank account numbers, and more.
Interestingly, they found that some miscreants even market their items for sale to coincide with newsworthy events. For instance, they found a vendor hawking hacked GameStop accounts right around the time of the GameStop stock trading frenzy (opens in new tab).
More worryingly though, in addition to illegal goods, the researchers also found criminals selling tools and services to facilitate cybercrime, including the rental of entire distributed denial-of-service (DDoS) infrastructure.
- Protect your devices with these best antivirus software (opens in new tab)