April 7, 2023Rabbi LakshmananCyber ​​Threat / Online Security

In another sign that Telegram is becoming an increasingly thriving cybercrime hub, researchers say attackers are using the messaging platform to sell phishing kits and help set up phishing campaigns. I discovered that

“To promote their ‘merchandise’, phishers create Telegram channels through which they educate their audience about phishing and survey subscribers with surveys such as ‘What type of personal data do you prefer? ,” said Kaspersky Web Content Analyst Olga Svistunova. Said In a report released this week.

Links to these Telegram channels are distributed via YouTube, GitHub, and phishing kits developed by the scammers themselves. A Russian cybersecurity firm says it has detected over 2.5 million malicious URLs of his generated using phishing kits in the past six months.

One of the prominent services offered is providing threat actors with a Telegram bot that automates the process of generating phishing pages and collecting user data.

It is the scammer’s responsibility to distribute fake login pages to their targets, but the credentials captured on these pages are sent back by another Telegram bot.

Other bot services go one step further with advertising options to generate phishing pages that mimic legitimate services and lure potential victims on the pretext of distributing free likes on social media services. used for

“Scammer-run Telegram channels sometimes post what appear to be very generous offers. We did it,” says Svistunova.

In some cases, phishers share users’ personal data with other subscribers for free, in hopes of attracting aspiring criminals, and sell paid kits to those who want to carry out further such attacks. Scammers even offer to teach you how to phish for big bucks.

Using free offers is also a way for scammers to trick cash-strapped and novice criminals into using phishing kits, resulting in stolen data being sent to the creators without their knowledge. Double theft occurs.

Paid services, on the other hand, include advanced kits that boast attractive designs and features such as: antibot detection, URL encryption and geoblocking that attackers can use to carry out more sophisticated social engineering schemes. Prices for such pages range from $10 to $280.

Another paid category involves selling personal data and promoting bank account credentials at different rates based on your balance. For example, an account with a balance of $49,000 was registered with $700.

Additionally, phishing services are sold on a subscription basis (i.e. phishing-as-a-service or PhaaS) via Telegram, where developers rent kits for a monthly fee in exchange for providing regular updates. increase.

upcoming webinars

Learn How to Secure Your Identity Perimeter – A Proven Strategy

Improve your business security in our upcoming expert-led cybersecurity webinar: Exploring Identity Perimeter Strategies!

Don’t miss it – secure your seat!

Also advertised as subscriptions, one-time password (OTP) bots call users and convince them to enter a two-factor authentication code on their phone to circumvent account protection.

Setting up these services is relatively straightforward. Even more difficult is earning customer trust and loyalty. Also, some vendors ensure that all information is encrypted so that it cannot be read by third parties, including themselves.

The findings also follow recommendations from Cofense earlier this January. clearly The use of Telegram bots as a source of phishing information has increased by 800% year-on-year.

Svistunova said: “As bad actors migrated to her Telegram and now shared their insights and knowledge on the popular messaging service, which is often free, the threshold for joining the phisher community was lowered. rice field.”

Did you find this article interesting?Please follow us twitter and LinkedIn To read more exclusive content that we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog