The journalists found out that the messenger is a thriving trade in US secret data, which is stolen by Russian hackers.
Telegram is a thriving trade in US classified data that is being stolen by Russian hackers. This is reported by the Financial Times, having conducted its own investigation. Among the stolen information are documents from American financial, industrial and military companies and government agencies that could undermine the US defense capability. This unique investigation reveals how hackers are using Messenger to sell and exchange stolen data.
According to FT journalists, there are many groups on Telegram in which hackers offer tens of thousands of secret data for money or other data. For example, one hacker showed FT reporters sample source code, settings, and test data from an industrial process that was described as producing an alloy used to reinforce the armor of US-made infantry fighting vehicles. In another Telegram chat, the journalist of the newspaper was able to acquire a list of people who are prohibited from flying into the United States, from it or within the country.
The hackers also told undercover reporters that all of these groups are just the “tip of the iceberg.” According to them, you can “spend years” on the dark web until you are invited to a truly secret chat. In such chats, the "best materials" are exchanged for stolen US or European business data - credit card information, emails, social security numbers.
Experts note that in 2022, shady platforms actively mastered Telegram and created channels and groups in it, in which they sold personal data and promoted various services of cybercriminals. According to experts, messengers are convenient for use by a wide audience and provide an acceptable level of anonymity with less effort, which lowers the entry threshold for new cybercriminals. However, the most serious operations, including the distribution of well-known ransomware, trade in access to corporate networks, are practically not made public, but are carried out within the framework of closed partnership programs and specialized forums.
According to Securitylab, this is not the only time Telegram has been used for cybercriminal activities. Positive Technologies experts have analyzed publications on cybercriminal topics in Telegram channels and chats and recorded the growth of the market for criminal cyber services in the messenger. The bulk of the messages are related to user data, including their trading and operations. Among the most popular malware were programs for remote control and stealers. The cost of malware can range from $10 to $3,500 depending on the type and functionality.