Telegram server access for sale on dark web
- Telegram has over 700 million active users.
- Safety Detectives uncovered a store in the Dark Web that allegedly has insider access to Telegram servers, being sold for US$20,000.
- An insider in the internal Telegram network would be able to exfiltrate logs and compromise user data if it the claim is true.
When it comes to social messaging apps, Meta’s WhatsApp remains one of the most used apps in the world. However, when Meta announced plans to change how it handles data from WhatsApp a few years back, there was a huge backlash from users. Many users ditched WhatsApp and decided to move to alternative messaging apps.
Among the alternatives included Signal, Telegram, WeChat, Line, and several others. While each app ensured privacy and security for its users, there were still concerns about how the apps were operated and managed. For example, WeChat has over a billion active users and is owned by Chinese company, Tencent. This raises questions among some users on if the apps were being used to monitor conversations.
On the other hand, messaging app Signal assures end-to-end encrypted messaging, which is also provided by WhatsApp. Yet, Signal runs on an open-sourced code. This means security analysts around the world can test the app to see how secure it is. Signal is also a non-profit organization that in turn assures users that there aren’t any profits or incentives there are hoping to get from user data.
Meanwhile, Telegram which has 700 million active users, is also known for its privacy and security features but there are still concerns about the app. One of the biggest worries about the Telegram app is that it is often used by cybercriminals as well as other criminal activities like the distribution of pornographic materials and drug transactions. Over the years, enforcement agencies continue to clamp down on Telegram groups that are using the app for the wrong reasons.
All the same, Telegram is a popular platform for brands and news outlets. Several large brands and news agencies have Telegram channels that they use to reach out to their readers and customers.
Telegram servers access available on the dark web?
The Safety Detectives cybersecurity team has uncovered a store in the dark web that allegedly has insider access to Telegram servers. According to the cybersecurity team, the servers are being sold at a price of US$ 20,000. The merchant claims to have unhindered access to Telegram servers “through their employees” or what Safety Detectives feels could be someone on the inside.
“The marketplace where we found out about the leak is a darknet marketplace that is not accessible on the clear – or surface – web. It includes illicit software, cracking tools, stolen databases, carding data dumps, drugs, counterfeit money, weapons, and electronics.
The marketplace claims that it can keep payments in escrow if customers select “buyer’s protection”. However, according to activity feeds, there is a mixture of positive and negative reviews related to numerous stores and orders,” stated the report.
The report also stated the vendor’s showcase advert claims that they can provide access to Telegram servers for approximately six months through insider employees. While Security Detectives feel that it isn’t easy to confirm the legitimacy of this claim, given the rising number of scams in the dark web as well, an insider in the internal Telegram network would be able to exfiltrate logs and compromise user data if it is true.
“A potential breach of this manner would also undermine the company’s privacy USP. Furthermore, the trader insists that no hacking has taken place,” the team explained.
For now, the cybersecurity team states that there are still no buy reviews issued in relation to the seller that has been published. As usual, users of apps like Telegram are always advised to be vigilant when creating passwords and not to click on any suspicious links they see on their messaging apps.