Alleged Insider Access to Telegram Servers Sold on the Dark Web


The seller claims to offer alleged access to an “archive of correspondence” for six months, as well as IP addresses and registered cellphone numbers of active Telegram users.

The cybersecurity researchers at SafetyDetectives have discovered a dark web marketplace claiming to offer its customers access to Telegram’s internal server for $20,000.

The price, according to the seller, is non-negotiable and offers uninterrupted access to Telegram servers via the company’s employees. This means the seller has some agreement with a company insider regarding providing access to its internal servers. The merchant is offering this deal to buyers worldwide.

It is worth mentioning that Hackread.com could not verify the authenticity of the claims made by the seller; therefore, their claims remain alleged.

About Telegram

Telegram, as we know it, is an instant messaging service/app founded by Pavel Durov and Nikolai Durov. The app supports end-to-end encryption for messages, video, and audio calls.

The company caters to businesses/consumers and is visited by over 700 million active users per month. It is among the top ten most downloaded apps in the world.

About the Dark Web Store

According to the SafetyDetectives report, the marketplace isn’t accessible on the surface web (or clear web). It offers illegal software, stolen databases, cracking tools, drugs, weapons, counterfeit electronics, money, and weapons and carding data dumps.

Findings Details

In their blog post, SafetyDetectives researchers stated that the marketplace is also offering customers a “buyer’s protection” option to keep payments in escrow. The seller’s advertisement which was published on November 16th, 2022 and is still live, claims they offer Telegram server access for approximately six months. The ad reads:

“Accessing telegram servers. I have access to the Telegram servers through my employees. I can get any information for you!

Expensive!

$20,000!

Do not write if you are financially unable to pay!

Hacking telegram is not possible! All information is taken from servers!

Timing 2-4 days!”

In addition, the seller stated that the listing isn’t related to channel or account theft, and they did not offer remote access. The vendor will offer an “archive of correspondence for six months,” apart from IP addresses belonging to active users and registered cellphone numbers.

Hackread.com has seen the marketplace, and disturbingly (but not surprisingly), it is also involved in the alleged sale of women, drugs, databases, fake documents, malware like Osiris, and other malicious products.

Potential Dangers

Given the large number of marketplaces operating on the Dark Web and so many traders offering illegal access to services and products, it is hard to verify the legitimacy of this vendor’s claim about Telegram server access.

However, if these claims are legit, a user with insider access to internal servers can exfiltrate log data and steal sensitive user details. It can also tarnish Telegram’s reputation as a secure messaging app.



Source link