The Mystery of 45 Million: Why Doesn't Telegram Reveal Its Cards?

[Friend]

The messenger may face sanctions for violating European rules.

The Telegram app has come under scrutiny from the European Union after failing to comply with requirements to provide updated data on the number of users in the EU, the Financial Times writes, citing sources. In February of this year, the company said that the number of users in the European Union is 41 million. However, according to the rules of the EU Digital Services Act (DSA), Telegram was supposed to provide updated data this month, which did not happen. The company only stated that it has "significantly less than 45 million monthly active users in the EU."

Violation of data requirements could lead to Telegram being recognized as a "very large online platform," two EU officials say. This status imposes additional obligations on the company, including strict requirements for compliance with the law, content moderation, independent audits and mandatory data exchange with the European Commission.

Telegram has increased its popularity significantly in recent years, offering users encrypted messages, as well as the ability to create groups and channels for broadcasts that are used by world leaders. The app now has almost a billion users worldwide.

Earlier this year, Pavel Durov, the founder of Telegram, told the Financial Times that the app's user base is "roughly proportional to the population of each market or continent," with the exception of China.

Telegram has not yet commented on requests for an investigation by the European Commission. Meanwhile, the European Commission's Joint Research Center, which focuses on technical data analysis, is conducting an independent investigation to determine the exact number of Telegram users in the EU. As the representative of the Commission for Digital Affairs noted, the European Commission has its own methods and calculations to determine the accuracy of the data provided about users. In the event that Telegram's data turns out to be unreliable, the platform can be unilaterally recognized as "very large" based on the results of this investigation.

The DSA rules for major platforms came into effect a year ago and have already affected global companies such as Instagram, Google, and TikTok. The new requirements include a ban on targeting ads based on users' religion, gender or sexual preferences, mechanisms for disclosing measures taken by platforms to combat misinformation or propaganda, and new safeguards for minors. Some platforms are already challenging these rules in court due to their high load.

Source

 

[Friend]

Indonesia is ready to block Telegram
The streaming service Bigo Live was also under the threat of a ban.

The Ministry of Communications and Informatics of Indonesia intends to take measures to block the popular streaming app Bigo Live and the Telegram messenger in connection with their alleged participation in the distribution of pornographic content and the promotion of gambling on the Internet. Budi Communications Minister Ari Setiadi said the agency had already issued stern warnings to both platforms, but their response was insufficient.

According to Setiadi, it would be preferable to immediately block Bigo Live and Telegram, but before that, the team of specialists needs to conduct additional research and collect evidence. He stressed that this is the second warning for Bigo Live, and in case a third is necessary, the Singapore-registered platform will be blocked without hesitation.

Despite previous warnings, the promised improvements in content moderation and solutions to emerging problems from Bigo Live and Telegram have not yet been implemented. Setiadi noted that the ministry's actions are based on evidence collected by a team of specialists. If the facts of the distribution of pornography or gambling propaganda are detected, the procedure for blocking platforms will be initiated, he added.

Other countries also have claims against Telegram. Earlier, the Amsterdam authorities imposed a ban on the use of the Telegram messenger on the work phones of municipal employees. This was reported by the Dutch radio station BNR. The ban was introduced back in April, but it was not publicly announced. The reason for the ban was concern about the criminal use of the application and the possible risk of espionage. Alexander Scholtes, a spokesman for the Amsterdam municipality, in an interview with BNR, called Telegram "a haven for hackers, cybercriminals and drug dealers".

Also, the Minister of Justice of Denmark, Peter Hummelgaard, proposed to restrict access to WhatsApp, Telegram and Signal messengers, since they are used by criminals to coordinate their activities. Hummelgaard said that existing legislation does not allow for such restrictions, but the government is looking for ways to develop new legal instruments.

The minister stressed that these messengers are a "strong legal headache", as encryption complicates the work of law enforcement agencies. Hummelgaard intends to introduce geo-blocking or complete closure of some of these services, if possible.

 

[Friend]

$10 Cyber Attacks: Telegram Turns DDoS into an Affordable Service
DDoS-as-a-Service is gaining popularity among cybercriminals.

In the first half of 2024, Europe faced a sharp increase in the number of cyberattacks related to Distributed Denial of Service (DDoS). According to the FalconFeeds.io study, 3,529 DDoS attack incidents were recorded during this period, which is 60% of all cyberattacks analyzed by experts. A key role in this growth is played by the proliferation of DDoS-as-a-Service (DDoSaaS) services through platforms such as Telegram.

DDoS attacks, unlike traditional DoS attacks, are much more disruptive due to their distributed nature. They use many systems running at the same time, which makes it difficult to protect against them. A particular threat is posed by Telegram, where cybercriminals actively offer DDoS attack services. On this platform, there are more than 140 channels and groups engaged in the sale of such services, 80% of which continue to actively function, accepting payment in cryptocurrency. This makes attacks accessible to a wide range of users, including those who do not have specialized technical knowledge.

The cost of such attacks varies: the simplest of them start at $10 per month, and the more complex and time-consuming ones can cost thousands of dollars. Telegram actively advertises various tools for carrying out attacks, such as Lava C2/API, SOCKET and others, capable of attacking hundreds of IP addresses at the same time, bypassing protection and causing serious failures in the operation of target systems.

DDoS attacks are often used by cybercriminals for financial gain, political purposes, competition, or even revenge. With the development of platforms like Telegram and the increasing availability of DDoSaaS, such attacks are becoming more frequent and powerful, underscoring the need to strengthen cybersecurity measures.

The rise in DDoS attacks is also due to an increase in the number of insecure Internet of Things (IoT) devices that are used to create massive botnets. These devices generate huge amounts of traffic, which makes the attacks even more dangerous. There is also a trend towards the use of DDoS attacks as part of complex cybercriminal operations, often in combination with other types of attacks, such as phishing or malware distribution.

To protect against DDoS attacks, organizations are recommended to implement multi-layered security measures, including network and application solutions, traffic monitoring, and incident response planning. Using cloud-based DDoS protection services and conducting regular attack response exercises will help minimize risks and protect critical infrastructure.

The growing popularity of DDoS-as-a-Service on Telegram highlights the need for increased control over cybercriminal activity in the digital space and the introduction of advanced protection technologies to prevent potential threats.

 

[Friend]

Telegram checks: the new currency of the underworld
Telegram has become the main channel for trading stolen documents.

Over the past three years, the U.S. has seen a sharp increase in check fraud, causing significant financial losses. According to the US Treasury Department, from 2021 to 2023, the number of suspicious transactions related to check fraud increased by 90%. In 2023, consumer and business losses from such actions amounted to about $21 billion. The main reason for this surge was the development of a local cybercriminal ecosystem, where Telegram plays a key role as a platform for the exchange of stolen checks.

Analysts at Recorded Future studied nearly a million images of stolen bank checks that were put up for sale on more than 700 Telegram channels in the first half of 2024. One of the main findings of the study is that the Telegram check fraud ecosystem is characterized by mass reposting, with an average of one image of a stolen check being reposted six times on different channels. This creates a challenge for those trying to trace the original source and significantly increases the time and resources spent identifying the original stolen checks.

Geographic analysis found that check fraud affects all 50 U.S. states, but is most active on the East Coast, especially in major cities. For example, in New York, many criminal groups have been identified that specialize in stealing checks. The analysis showed that different groups are active in different areas of the city, and none of them is completely dominant, indicating high competition between criminals in this region.

At the same time, in less populated areas, such as Baton Rouge and the neighboring parish of St. Landry in Louisiana, check fraud is concentrated around one or two sources. These areas saw a sharp increase in thefts of U.S. Treasury checks in February and March 2024, coinciding with tax season and tax refund times. This indicates that criminal groups purposefully choose periods when a large number of state checks are in circulation.

For financial institutions, this sharp increase in check fraud means not only direct financial losses, but also an increase in operational costs associated with fraud control and customer service. To counter this threat, banks are encouraged to proactively educate customers about the risks, provide them with alternative payment methods such as online payments and wire transfers, and use specialized tools to monitor and prevent cheque fraud.

Close coordination with law enforcement is also important to successfully investigate and prosecute those involved in cheque fraud. Despite the decline in the overall use of checks in the U.S., their higher average cost and the rise of criminal networks indicate that the threat of check fraud will not diminish in the near future. Only the large-scale implementation of improved verification procedures and anti-fraud measures can reduce the attractiveness of this type of crime for cybercriminals.

 

[Friend]

From France to Korea: the global offensive on Telegram has begun
South Korea is increasing the pressure on the messenger because of deepfakes.

The South Korean police have launched a check against Telegram on suspicion of aiding and abetting crimes using deepfake technology. This was announced by the director of the National Police Investigation Agency, Wu Jongsu, at a regular press conference, writes the Yonhap news agency.

Woo Jong-so noted that Telegram generally does not provide the necessary information for investigations to either South Korean or other international law enforcement agencies, including the United States. He admitted that this creates significant difficulties in the investigation. However, Wu stressed that the police already have successful experience in investigating crimes committed using Telegram and are now using all available methods to move forward in the current case.

In addition, Woo Jongsu said that the South Korean police intend to work together with French investigative authorities and various international organizations to develop new methods of investigation into Telegram. This decision was made against the backdrop of growing concern of the international community about crimes committed using the messenger.

Recall that earlier the French authorities issued an arrest warrant for the founder and CEO of Telegram, Pavel Durov, charging him with aiding and abetting in the commission of various crimes, including online sex crimes and drug trafficking.

In the four days from August 26 to 29, 88 reports of deepfake crimes were registered in South Korea, which is almost 10 times higher than the average weekly number of such reports in the first seven months of the year. The police are investigating eight Telegram bots that automatically generate deepfake content of a sexual nature, and are also studying group chats where such materials are distributed. The creators of bots can be charged with conspiracy and aiding and abetting crimes.