Telegram : A new dark web

I have been using telegram from a past few months and found this cloud-based messaging application far better than whatsapp in terms of privacy, anonymity and easy to use features like inbuilt bots{which do almost everything for you}. Also there is better UI and automation involved in Telegram, which makes it one of its own kind.

But not everything is well with telegram. This application is badly misused by a lot of malicious actors, who have misused the privacy provided by Telegram to spread the illegal agendas. There are tons of nefarious things and activities that you find on Telegram, some of them are mentioned below:

Telegram application

What all can you find on telegram:

  1. All paid courses for free {ALL MEANS ALL}

All education courses from all popular education content companies is available on Telegram groups. The cost the course found on these groups can range from $200 — #10000 . Furthermore, In many groups, you just need to send the original link to the course you need, and within 1–2 days, you can relish the full course for free.

Example : All SANS latest courses(video, books and USB stick), all Pluralsight,Udacity, Udemy, TCM, Offensive Security, Deadsec, zdsec courses etc

2. All web series, movies or online streamed content for free

If torrent isn’t enough for you, then you can also try telegram.

All major web series,movies and online streamed content reaches the Telegram’s groups in a minutes of the series public premier.

3. All major Hacking scripts and tools that are really dangerous: SIM hacking tools, Secret tools v18.0 by Dr.Raygun, , Phreaking guides

There are a lot of deep web tools that are made and used by professional hackers. These tools were really difficult to obtain for people without access to the deep web forums and hacking groups. But now you can find most of these tools on Telegram. Example:

SIM cloning and cracking tool

Phreaking guides: Telephone hacking / making free calls

Black hat hacking tools

Beware: Some of these tools on Telegram are literally Trojan-horses, that will hack your system instead of your target. The rest will lend you in jail

4. Malicious concepts, tutorials of contents like cracking, carding, load-outs, cash-outs

Several courses in different languages are circulated on telegram groups that literally teach:

  1. How to steal someones credit card information?
  2. How to use that information to buy stuffs like electronics through dark web sites and e-commerce platforms?
  3. How to hide yourself from the law enforcement agencies and bypass AI-powered anti-fraud checks implemented by several banks?
  4. How to load-out or drop your products safely to your or some safe location?(where police can’t confiscate those products)
  5. Several complete courses on carding in different languages

5. Compromised list of email, facebook, instagram or even bank accounts

Several huge lists of compromised accounts of emails, Facebook login credentials, etc are available and distributed openly on some of the telegram groups. These email word-lists can be as big as 10 million compromised email,s and are usually in range of 10,000 to 1 million.{the status of email account can be verified using email checkers}

Along with email credentials, ATM cards(bins), that contains live Credit Card, are distributed on these groups. Credit card numbers, PIN, SSN number and even information about the original user are given on these groups along with compromised Online streaming content accounts like Ullu, Amazon Prime, etc.

6. Zero-day exploits and methods

There are several so-called cybersecurity groups, that deal with selling or in some cases even openly sharing several zero-day exploits. These exploits archives are as big as 10GB and are filled with latest bypasses and zero-day methods that exploit several vulnerability in top level applications like uber, etc. These archives are named as Fraud bible 2020 or fraud bible by ****, and are openly available for anyone and everyone who can take risks and use these techniques. These archives also has video tutorials that help even the script-kiddies to follow the steps and cause havoc to himself(as he is script-kiddie and will be caught easily) and to the society.

7. Buying-selling of stolen data, illegal stuff

Everyone knows that deep web is famous for selling of illicit, banned and stolen items. But these deep web forums are limited in number, have restricted access to common citizens and usually face wrath of NSA like organization in many cases. Also these stolen/illicit/banned stuff like stolen electronics, drugs, illegal pornographic material is being sold at telegram groups.

8. Malware source codes and generation tools

This is the most annoying stuff on telegram. You all must know that new malwares are somewhere-somewhat derived from the previous malware families. So a major part of malware creation is adoption of some successful modules from the previous malware families. These malware codes were shared online in dark web in highly authenticated groups, but now with arrival of telegram this trend has changed. Some telegram groups share source code of a lot of malwares openly through mega drive links. Though, these links are brought down after a few days, but until then these drives contain source code of a lot of live and old malwares. Furthermore, live addon utilities like custom crypters, packers and binders(which helps a hacker to evade anti-virus solutions) are also available to anyone and everyone.

9. Free leachers who try to fool script-kiddies

That’s the latest and most amusing thing that i saw on telegram application. The configuration files that were sent along with the RDP crackers, Auto Proxy Grabbers, Account checkers, etc contained some hits(valid accounts) stealing lines. These configuration files does not only check if the accounts are active or not, but also send the information about the accounts to a unknown IP address. By using this way, a person(checker application author) can get information about all compromised accounts without risking himself of being caught by law enforcement agencies.

Risk taken by script-kiddies == profit by professional hackers

Apart from all the above things, you can also converse live to the so-called real hackers/carders/crackers. They sell their personalized courses and live zoom-based tutorials on these Telegram Groups, that you can join easily by spending just a few dollars.

Not everything is bad with telegram, there are several groups that discuss latest developments in fields of malware analysis, penetration testing, digital forensics on their groups, which adds a lot to your knowledge. You can listen to their experiences and learn from the mistakes they made in the professional life.

Hi! I am a B.Tech student, whose enjoys reverse engineering and digital forensics. I relish reading anything and everything about cybersecurity.