"For the non-negotiable price of $20,000, threat actors claim they can provide insider access to Telegram servers running the encrypted instant messaging platform preferred by a security-conscious clientele.
The ad, posted on a Dark Web marketplace and discovered by the researchers of SafetyDetectives, boasts that the access is high-level and provided "through their employees."
Rather than providing remote access, the seller is hawking "an offering of correspondence for six months," the SafetyDetectives team added.
"It is impossible to say how many users, or Telegram servers, may be impacted," the report explained. "However, if the vendor’s claims are valid, an insider in the internal Telegram network would be able to exfiltrate logs and compromise user data."
Meanwhile, it seems Telegram might have a broader phishing problem.
www.darkreading.com
The ad, posted on a Dark Web marketplace and discovered by the researchers of SafetyDetectives, boasts that the access is high-level and provided "through their employees."
Rather than providing remote access, the seller is hawking "an offering of correspondence for six months," the SafetyDetectives team added.
"It is impossible to say how many users, or Telegram servers, may be impacted," the report explained. "However, if the vendor’s claims are valid, an insider in the internal Telegram network would be able to exfiltrate logs and compromise user data."
Meanwhile, it seems Telegram might have a broader phishing problem.
Phishing Explodes on Telegram
The discovery comes on the heels of the release of new data from Cofense that shows that the abuse of Telegram bots exploded by 800% in 2022, driven by threat actors using malicious HTML attachments to deliver credential phishing attempts. Telegram bots are also attractive to spear-phishers because they're free and easy to set up and run...."
$20K Buys Insider Access to Telegram Servers, Dark Web Ad Claims
In the ad, cybercriminals are offering to sell employee-level access to Telegram, researchers warn.
