Encrypted Chat Apps Doubling As Illegal Marketplaces
Encrypted chat apps are gaining popularity worldwide due to their central premise of not sending user data to tech giants. Some popular examples include WhatsApp, Telegram and Signal. These apps have also been adopted by businesses to securely communicate directly to their users. Additionally, these apps have been instrumental to subverting authoritarian regimes. For example, Telegram has been used by pro-democracy dissidents to organize protests in Hong Kong, and communicate amongst themselves in Russia, Belarus, Thailand, and Iran.
However, we’ve found that encrypted chat apps are also being used by criminals to sell illegal goods. Because content moderation is, by design, nearly impossible on these apps, they allow for an easy vector for dealers of illicit goods to communicate directly to customers without fear of law enforcement involvement.
In our analysis, we found a wide variety of illegal goods are being sold on Telegram, including people’s personally identifiable information (PII), likely stolen gift cards, fake documents, pirated software, and tools to facilitate cybercrime such as distributed denial-of-service (DDoS) infrastructure. In recent months, we have also found several accounts dedicated to selling “COVID-19 vaccines,” targeting users in a variety of countries including the United States, China, India, Malaysia, and Russia.
Counterfeit goods are a popular product on Telegram. We found many accounts and groups dedicated to selling a wide variety of counterfeit goods, including luxury watches and purses, designer clothes, and high-end electronics. For example, you can find a counterfeit Rolex for as little as $69 USD.
In recent months, with people anxious to receive a COVID-19 vaccine, criminals have attempted to take advantage of this stress by selling what they claim are COVID-19 vaccines.
Cybercriminals often launder ill-gotten gains such as stolen credit cards through the purchase and sale of gift cards. Other times, the gift cards are stolen directly through either a password leak or via vulnerabilities in the gift card provider’s website. Those gift cards are then sold at heavily discounted prices.
Fake Documents and Personal Information
Another popular genre of illicit goods on Telegram are fake documents and personal information. Fueled by major data breaches such as the one at Experian, data brokers have amassed a shocking amount of personal information including social security numbers, addresses, phone number, bank account numbers, and more.
Tools to Facilitate Cyber-Crime
Interestingly, we observed that cybercriminals are also selling a variety of tools and services, including rental of DDoS infrastructure. We also found accounts marketing cheats for a variety of games, and services marketing themselves for users in India, Europe, Russia, the Arab world, and North America.
Scammers, fraudsters and hucksters of illegal goods are usually ahead of the curve on the latest technologies to provide a good experience for their customers. Therefore, we often see these actors as early adopters of popular technologies (cybercriminals were also among the first to adopt cryptocurrencies such as BitCoin and Ethereum, which are now widely used by the general public for entirely legal purposes). This case is no different, and our research suggests that in the future, legitimate merchants may also adopt messaging apps and the peer-to-peer selling model they allow, similar to Telegram’s.
For more information, tips on how to defend yourself, or to speak to a NortonLifeLock spokesperson please contact Cathrine Pierce at email@example.com or visit the link to the original article here.