Russia-Ukraine war: Telegram’s new battleground for cybercriminals

Cyber criminals are also leveraging the conflict to steal funds under the disguise of altruistic donations

New Delhi: Cyber criminals and hacktivists have leveraged encrypted instant-messaging application Telegram for conflict-related activities, over the war between Russia and Ukraine, according to data released by cybersecurity firm CheckPoint Research (CPR).

It showed that cyber-attacks on Ukraine’s government and military sector surged by a staggering 196 per cent in the first three days of combat, while cyber-attacks on Russian organisations increased by four per cent.

CPR has also warned that fraudulent emails are being sent to dupe people who are seeking to donate to Ukraine from abroad.

Since the surge of the conflict on February 24, CPR researchers found about six times more groups on Telegram concerning the conflict, than the day before the invasion.

The researchers observed three types of rapidly growing groups: Cyber-attack groups against Russia that urge followers to attack Russian targets in different tools and ways, mainly DDoS; groups urging followers to support Ukraine by fundraising, of doubtful authenticity, often suspected to be fraud; and numerous “news feed” groups, airing updated and “exclusive” news reports about the conflict, bypassing mainstream news outlets.

Further, the cyber hacktivists are choosing Telegram to transfer messages, cyber arms and tools, and are “pointing” attackers to relevant Russian targets.

“Since the beginning of the war, we have seen tens of groups being created daily. Some groups boast over 250,000 users,” CPR researchers said.

CPR estimates that about 23 per cent of the groups observed on Telegram attempt to unite hackers, IT professionals, and other IT “fans” to attack Russian targets in the cyberspace.

These groups are used to coordinate the attack, decide on targets and share results, even offering to help each other towards the goal.

DDoS attacks became very common as a cyber-weapon, with anti-Russian attackers pointing against targets they favour, and request group users to follow.

Cyber criminals are also leveraging the conflict to steal funds under the disguise of altruistic donations

“Our investigations show that many of such requests and groups are highly suspected to be fraudulent,” the researchers said.

CPR estimates that roughly 4 per cent of the groups observed on Telegram are geared toward donations to support a side of the current conflict, many of which are suspicious.

They found that groups raising funds through Bitcoin and Ethereum accounts have over 20k users.

These groups on Telegram also report unedited, non-censored feeds from war zones, 24 hours a day, including footage that traditional mainstream media often refrained from airing live.

To remain protected from fraud and cyber-crime while using Telegram, the researchers suggested users to remain vigilant and careful about the information published on the platform.

CPR also recommends users to not press on links that have origins unfamiliar to you, beware of suspicious requests, sending money to unknown sources.

Back to top button