“General people data for sale in bulk, if anyone interested or want to see samples. Escrow accepted.” “Selling gambling database. Brazil/Asian countries. Sweet price. For more information, message me.” “I have big data. DM now.” “Selling complete database mentioned in this data leak. Full name, DOB, address, phone number.”
What you just read is 30 seconds of messages posted on a Telegram group simply titled, “Data Selling”. Tons of data, hacked or leaked from online repositories all over the world, are routinely sold and bought on Telegram on a daily basis. The messaging app with its strong focus on privacy has been the talk of the town ever since its founder, Pavel Durov, was arrested on Sunday.
The Franco-Russian billionaire was travelling via Azerbaijan on his private jet when he was detained at the Bourget airport in France and placed under arrest. He has been named as an accused in cases relating to fraud, drug trafficking, cyberbullying and organised crime, according to news reports emanating out of France, and also charged with failing to take action against the misuse of Telegram for the above-mentioned illegal activities. But the problem isn’t one that only France is facing. Several countries across the world are plagued by the same issue, including India. In 2022, the Mumbai Cyber police detained a Class 12 student in connection with a cybercrime that was particularly sophisticated, given the age of the suspect.
The 16-year-old resident of Thane was traced via intensive cyber-forensic investigation after a known coffee shop outlet registered a case with the police. Transactions amounting to thousands of rupees were being made through gift cards issued to their customers. Only, these customers weren’t the ones making these transactions. The monetary value of the cards was being debited from the customers’ cards on a regular basis and everyone was foxed. When the suspect was finally picked up and quizzed, even the cops were astounded. The boy had wormed his way into underground hackers’ forums, learned how to clone gift cards, then learned how to access the coffee shop’s data through a vulnerability in their server and started cloning cards issued in other customers’ names. His only wish was to be the cool dude of the group -- the guy who is always flush with money and treats his friends to fancy cappuccinos and delicious blueberry compote pastries. And he learned all of these nasty skills before reaching undergraduate level thanks to Telegram.
The app was launched in 2013 with its strongest USP being privacy. The strong encryption and secure storage, coupled with cross-platform compatibility, higher data sharing options than its contemporary apps and vehement anti-censorship features, made it a runaway hit. The privacy-conscious loved it. So did the cybercriminals. Experts estimate that it hardly took a year for the cybercriminal underground, already thriving on the dark web, to set up its bases on Telegram as well. But the key difference here was that while the dark web takes a modicum of skill to access and navigate, Telegram just needed to be installed on your device. From there on, it was just a matter of patient searching and sending messages.
In no time, gangs that sold drugs on the dark web set up shop on Telegram. Those dealing in pornographic material followed suit. Soon, bot accounts -- automated chat systems -- offering convincing fake nude pictures, aka deepnudes, were set up. Users simply have to upload the picture of the target, make the payment to the specified account, and download the generated deepnude. Today, thanks to AI, these bots offer video deepfakes as well. Then came the really dark stuff -- Child Sexual Abuse Material, or CSAM. The perverted form of pornography is now a thriving industry, with the groups sporting names as innocuous as “Pizza Delivery”.
“CSAM networks leverage the Telegram platform as a clandestine space where they can conduct their activities in private. Telegram’s platform features facilitate the exchange of illicit material and the coordination of exploitation efforts. Public and private channels provide forums where perpetrators can share images, videos, and links to illegal content with impunity,” states an April 2024 report by The OSINT Team, a collective of Open Source Intelligence experts that trawls material available in the open domain for intelligence.
The same is also confirmed by an FBI press release issued in November last year, following the arrest of a former FBI contractor for the alleged purchase of CSAM via Telegram.
“According to court documents, beginning in February, Brett Janes, 26, of Arlington, Virginia, enticed a 13-year-old minor he met through playing Valorant, a popular first-person shooter game, to engage in “strip” games on a video chat in Discord. Janes threatened to commit suicide and sent the victim payments through CashApp to convince the victim to create and send him CSAM. He convinced a 12-year-old boy to produce CSAM and attempted to entice another minor boy to produce CSAM. Janes also admitted to purchasing hundreds of videos and images of CSAM through Telegram,” the press release states.
And finally, we have cyber-terrorism. In 2022, when the Rail Yatri data was hacked and leaked on the dark web by an Israeli hacker group, this writer reached out to an independent cyber expert, seeking help to interview the hackers. The expert simply replied with a Telegram ID, followed by a message: “Just hit him up on TG bro he’s giving out samples too.” Durov’s arrest has intensified the age-old debate of privacy versus censorship. But as always, while the debate rages on, it is the common man who suffers.