Encrypted communications lure cybercriminals from dark web to Telegram app

Cybercriminals are branching out from the dark web and into encrypted messaging apps to conduct their nefarious deeds.

Check Point researchers spotted an uptick in threat actors using Telegram channels to conduct cybercrime and to communicate in a more secure and accessible manner, according to the firm's "Telegram: Cyber Crime's Channel of Choice" report.

The app is set apart by the emphasis placed on its enhanced security capabilities, which make it a viable alternative to the secretive forums on the dark web.

With the takedown of dark web marketplaces including Hansa Market and AlphaBay, cybercriminals are turning to mobile messaging apps to do their bidding in order to evade authorities and continue their trade.

Cybercriminals are using hosted chat groups on the app, known as "channels," to broadcast messages to an unlimited number of subscribers. While the chat message history can be viewed publicly, responses to public messages can be sent privately, giving cybercriminals more opportunities to disguise their activities.

This enables threat actors to have private end-to-end encrypted conversations while their identities remain hidden, as opposed to dark web conversations that left all of the communications exposed.

In these channels, researchers spotted illicit job offers that were color-coded: jobs that are dangerous and likely to entail legal risks were marked as black, while less threatening jobs were marked as gray or white. Researchers also spotted advertisements for the sale of stolen documents or hacking tools.

Governments are already looking into new ways to combat the free rein of these encrypted devices, in an argument that may spill over into the encryption of messaging apps as well. Earlier this month, Attorney General Jeff Sessions said Congress may need to take action concerning federal law enforcement agencies unlocking encrypted devices tied to investigations.

"Last year, the FBI was unable to access investigation-related content on more than 7,700 devices — even though they had the legal authority to do so," Sessions said. "Each of those devices was tied to a threat to the American people," he said, adding that the "stakes are high."

He went on to say that he is working with stakeholders in the private sector, in law enforcement and in Congress to find a solution.

This may help refuel the debate over whether tech companies should put backdoors in their products, which many warn could be exploited by law enforcement agencies or by malicious actors who find the backdoors.