Telegram: Criminals’ Favorite App
How bad guys decided to ditch the Dark Web and come to the light of messaging apps
Telegram, like many other messaging platforms, has been known to be used by criminals for various illicit activities, including the sale of illegal goods. While Telegram itself is not inherently designed for criminal activity, its encrypted messaging features and relative anonymity can make it appealing to criminals.
Some Darknet communities migrated to Telegram in the past years. Certain channels or groups within the app facilitate a wide range of illegal activities from selling goods like drugs or fake documents to spreading pornography, extremist propaganda, hiring money mules, and finding scam victims. These channels often operate in the shadows, hidden from public view, and may require invitations to join.
Others are open to join for everyone and are easily searchable by keywords. Compared to Darknet, with access through VPNs, special browsers, constantly changing links, and an unstable and slow connection, using Telegram is extremely easy.
The app has 900 million monthly active users and it’s growing rapidly. Telegram is known for its enhanced privacy and anonymity. To create an account, you just need a phone number and it can be a virtual number or a burner, not connected to any identity. The privacy settings allow users to hide almost all information about them and there is no verification involved.
Encryption makes it safe from government or law enforcement oversight. Even data on devices can be wiped out remotely so it’s very hard to access information for evidence collection. Even if law enforcement can come up with subpoenas, the only available user information, is a name, phone number, and IPs.
Some usernames can be bought and sold between users. Telegram bot and automation capabilities serve perfectly for marketplace purposes. Buyers can buy goods with one click and get delivered digital products instantly. All of these conditions created a perfect criminal underground ecosystem.
Telegram doesn’t monitor chats or private groups and they do not process any takedown requests related to them. They promise to remove illegal content from public channels and groups by request but it’s unclear how proactively they monitor for violations. Telegram pledged to remove all terrorism-related groups and chats, but they are still available.
The list of investigations against illegal activity on Telegram is growing. The app was removed from the App Store for not taking action to curb the spread of child pornography in 2018. The Brazilian Supreme Court forced the app to remove disinformation posts under the threat of suspension in the country, and the Central Narcotics Bureau of Singapore arrested more than 500 Telegram drug dealers in the last few years.
Considering the sheer number of channels, groups, chats, bots, keywords to survey, and users to listen to, it’s impossible to monitor Telegram manually. Different channels can have the same bot posting and reposting the same messages, creating ever-present noise that needs to be filtered through. Many companies promise to provide comprehensive Telegram monitoring, but it seems that intelligence-gathering efforts are still lagging.
