Increase in Telegram attacks quadruples over a two-month period
The frequency of malware scams on the popular messaging platform Telegram rose by 2000% from November 2024 to January 2025. The surge is driven primarily by the proliferation of sophisticated malware such as RisePro, combined with the dark web's role as a hub for distributing stolen data and staging social engineering campaigns.
Cybercriminals have been leveraging Telegram's encrypted channels to distribute malware payloads and stolen data, making it a convenient and harder-to-police platform for illicit trading and distribution. Key tactics used by scammers on Telegram include deploying advanced infostealers like RisePro, which steals login credentials, credit card details, browser cookies, and cryptocurrency wallets.
The scammers also employ obfuscation and encryption techniques to make malware harder to detect and analyze, and they exfiltrate stolen data directly to Telegram channels, where logs of credentials and sensitive information are compiled and sold on dark web marketplaces.
Scammers are also known to use fake verification bots and "exclusive" trading or airdrop channels to lure victims. During the fake verification process on Telegram, malicious code is placed on the victim's clipboard, which leads to malware being downloaded. According to Chainalysis, the majority of funds stolen in 2024 came from DeFi services.
This surge in Telegram malware scams coincides with scammers shifting tactics in response to heightened user vigilance against popular cryptocurrency scams. However, strategies to combat or regulate these malware scams are not yet clear.
It is crucial for users to remain vigilant and exercise caution when using Telegram. The malware downloaded through these scams can grant hackers access to passwords, cryptocurrency wallets, and browser data, potentially causing significant financial and personal losses.
As the landscape of cyber threats continues to evolve, it is essential for users and businesses alike to stay informed and take necessary precautions to protect their digital assets.
What role does Telegram play in the increased cybersecurity threats? The platform has become a convenient hiding spot for cybercriminals looking to distribute malware like RisePro, exploit users' trust through fake verification bots, and sell stolen data on the dark web.
With the surge in malware scams, it is important for everyone to understand the risks of using Telegram: hackers who gain access to passwords, cryptocurrency wallets, and browser data can cause significant financial and personal losses.