CEOs Arrest Will Likely Not Dampen Cybercriminal Interest in Telegram

In recent years, the platform has become a go-to tool for executing almost all conceivable cybercriminal activity.

The recent arrest and indictment of Telegram CEO Pavel Durov in France will likely have little short-term impact on use of the platform among cybercriminals and nation-state backed hacking groups.
In the past few years, Telegram has emerged as a haven for bad actors to communicate with each other, sell personal information, unload credit card details and user credentials, and for
malware distribution
. Many also use the platform for command and control (C2), to manage botnets, to communicate with ransomware victims, to coordinate attacks, and generally as an alternative to the Dark Web.
In a report earlier this year, Guardio described Telegram as playing a large role in
democratizing
phishing operations. This messaging app has transformed into a bustling hub where seasoned cybercriminals and newcomers alike exchange illicit tools and insights creating a dark and well-oiled supply chain of tools and victims data, Guardio had noted. Free samples, tutorials, kits, even hackers-for-hire — everything needed to construct a complete end-to-end malicious campaign.
Security researchers expect little will change following Durovs arrest on charges related to bad actors using his platform for child abuse, drug traffic and for other nefarious activities. French authorities have also charged Russia-born Durov — who is now a French citizen — with not responding to law-enforcement requests for Telegrams assistance in bringing to justice criminals who are using the platform for illicit and illegal activity.
While this could lead to Telegram cleaning house of malicious elements, it may not move the needle on cybercrime activity, experts say.
Durovs Aug. 24 arrest has been controversial and triggered considerable
debate over free speech
issues and the extent to which CEOs like Durov should be held liable for the behavior of users on their platforms. French President Emmanuel Macron himself has stressed Durvos arrest and subsequent indictment are not an attack on free speech.
France is deeply committed to freedom of expression and communication, to innovation, and to the spirit of entrepreneurship, Macron
said in a post on X
, formerly known as Twitter. The arrest of the president of Telegram on French soil took place as part of an ongoing judicial investigation. It is in no way a political decision.
Durov is currently out on a roughly $5.5 million bond but cannot leave France. He is required to report twice a week to a French court.
In the meantime, crackdown or not, criminals
tend to adapt quickly to changing circumstances
and may simply increase their operational security measures while continuing to leverage the platform.
The impact of the CEOs arrest on cybercriminal use of Telegram will likely be minimal in the short term, says Stephen Kowski, field CTO at SlashNext Email Security+. However, if the arrest leads to increased scrutiny or changes in Telegrams policies, we could see a gradual shift to alternative communication channels.
Adam Gavish, co-founder and CEO at DoControl, notes that Telegram innately provides OpSec for users, for a few key reasons.

First, it offers end-to-end encryption and self-destructing messages, which provide a sense of security and anonymity. Second, it allows large file transfers, making it easy to share stolen data. And third, its channel and group features let cybercriminals easily broadcast messages to many followers or collaborate in private groups. Telegram itself says it can
support group sizes of 200,000
members, which is larger than what many other social media platforms allow. The fact that users can sign up for the service with just a virtual phone number is another major bonus for threat actors.
Cybercriminals are also disincentivized from moving shop. While there are other platforms cybercriminals could use, Telegram has reached a critical mass in terms of adoption, Gavish says. Its become a go-to marketplace for buying and selling stolen data, sharing hacking tools, and coordinating attacks. Cybercriminals have established extensive networks there, so moving to a new platform would be disruptive.
One situation where criminals might be forced to seek alternate channels is if it turns out that the
Russian government
has some sort of a backdoor to snoop on messages traversing the platform, says Rik Turner, an analyst at Omdia. In that case, fears that Durov could be pressured into revealing that backdoor to Western intelligence services, in exchange for a lighter sentence, could prompt quite a few people to seek alternative channels, he says.
Gavish agrees that the arrest could make a small set cybercriminals more cautious about using Telegram for high-stakes operations. But a mass exodus is unlikely unless we see concrete evidence that Telegrams security has been compromised, he stresses.

Last News
▸ New startup offers human verification process. ◂ Discovered: 26/12/2024 Category: security	▸ Top 5 Data Breaches in Spring 2013. ◂ Discovered: 26/12/2024 Category: security	▸ Protecting the end system from cyber threats ◂ Discovered: 26/12/2024 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
CEOs Arrest Will Likely Not Dampen Cybercriminal Interest in Telegram