September 2024

Cyber Threats Barometer

Every month, cyber threats as seen by Gatewatcher’s CTI analysts
Le Lab Gatewatcher
222 650
Identified Indicators of Compromise (IOCs)
95 483
Identified compromise reports (sum of IoCs)

Highlight of the month

For its hundreds of millions of monthly users, Telegram is as much a user-to-user messaging application as it is a social network. Broadly speaking, it has everything you’d expect from a social network… and even more. Telegram has the unfortunate reputation – and rightly so – of hosting chat channels whose activities are illegal. From selling handguns to extremist communities to broadcasting live military operations by armed groups, Telegram is a playground for all kinds of illegal activities. A Dark Net easily accessible to all.

Said to be “security-oriented”, the application offers encryption that lets users communicate without fear that their conversations will be monitored by law enforcement agencies. At least in the public imagination, because in reality the messaging service does not provide encryption by default.
In the same vein of confidentiality, the platform’s strict policy protected users by not sharing their information with law enforcement agencies. But that was before: Telegram now shares user info.

On September 23, following an arrest a month earlier in France, Telegram founder Pavel Durov announced that he was updating the privacy policy to include the possibility of sharing users’ IP addresses and phone numbers as part of criminal investigations, if the activities violate the platform’s terms of use. “These measures should discourage criminals. Telegram is intended for finding friends and discovering news, not for promoting illegal products,” the founder stated. However, Pavel Durov clarified on October 2 via his Telegram channel that the sharing of IP addresses and phone numbers had in fact already been in effect since 2018 at the request of the authorities. Whatever the case, criminals are officially no longer protected by the platform.

The effect is already visible: according to the cybercrime forum BreachForums, since Telegram’s privacy policy was updated, some users have rapidly lost confidence in the platform as a place to share their malicious activities and seem to want to move away from it.

TOP COMMON VULNERABILITIES & EXPOSURES (%)

TOP TARGETED BUSINESS SECTORS (%)

Definition of the month

End-to-end encryption (E2EE) is a secure communication method in which data is encrypted on the sender’s device and decrypted only on the recipient’s device. This ensures that the information sent cannot be read during transmission, not even by service providers, enabling secure “end-to-end” communication. It is used in particular for messaging services and online storage.

While data confidentiality is assured, this technology nevertheless hinders content moderation, the monitoring of criminal operations or the detection of threats on networks.

TOP MALWARE FAMILIES (%)

TOP THREAT CATEGORIES (%)

About the Cyber Threat Barometer

Malware, critical vulnerabilities, advanced persistent threats, industries particularly targeted, weak signals of emerging attacks… It’s no secret that knowledge of one’s adversary is a key factor for the security of an enterprise. The Cyber Threats Barometer gives you a monthly overview of the cyber threats detected by Gatewatcher CTI, our Cyber Threat Intelligence platform.

Gatewatcher CTI’s automated collection, analysis and correlation engines are continuously fed by more than 4000 data sources from multiple channels: social networks, specialized sites, dark and deep web. They make threat information available an average of 24 hours in advance of the competition and help operational response teams make better decisions by dramatically reducing their analysis and incident treatment times.
