Privacy haven or cybercriminal haven?

“General human data for sale in bulk, if anyone is interested or wants to see samples. Escrow accepted.” “Selling gambling database. Brazil/Asian countries. Good price. For more info, message me.” “I have big data. DM now.” “Selling entire database mentioned in this data breach. Full name, date of birth, address, phone number.”

What you have just read is 30 seconds of messages posted to a Telegram group simply titled “Data Selling.” Tons of data, hacked or leaked from online repositories around the world, are routinely sold and bought on Telegram every day. The privacy-focused messaging app has been the talk of the town since its founder, Pavel Durov, was arrested on Sunday.

The French-Russian billionaire was traveling via Azerbaijan on his private jet when he was stopped at Bourget Airport in France and arrested. He has been named as a suspect in cases involving fraud, drug trafficking, cyberbullying, and organized crime, according to news reports out of France, and has also been accused of failing to take action against the misuse of Telegram for the aforementioned illegal activities. But the problem is not one that only France is facing. Several countries around the world are plagued by the same problem, including India. In 2022, the Mumbai Cyber ​​Police arrested a class 12 student in connection with a cybercrime that was particularly sophisticated, considering the age of the suspect.

The 16-year-old resident of Thane was tracked down through intensive cyber forensics after a well-known coffee shop reported a case to the police. Transactions worth thousands of rupees were made through gift cards issued to their customers. However, these customers were not the ones making these transactions. The cash value of the cards was regularly debited from the cards of the customers and everyone was caught. When the suspect was finally arrested and questioned, even the cops were baffled. The boy had wormed his way into underground hacker forums, learnt how to clone gift cards, then learnt how to access the coffee shop’s details through a vulnerability in their server and started cloning cards issued in the names of other customers. His only desire was to be the cool guy in the group – the one who is always rich and treats his friends to fancy cappuccinos and delicious blueberry compote pastries. And he learnt all these nasty skills before he even got his bachelor’s degree, thanks to Telegram.

The app was launched in 2013 with its strongest USP being privacy. Its strong encryption and secure storage, combined with cross-platform compatibility, more data sharing options than contemporary apps and fierce anti-censorship features made it an instant hit. The privacy-conscious loved it. And so did the cybercriminals. Experts estimate that it took barely a year for the cybercriminal underground, already thriving on the dark web, to set up bases on Telegram as well. But the key difference here was that while the dark web required minimal skill to open and navigate, Telegram only needed to be installed on your device. From there on, it was just a matter of patiently browsing and messaging.

In no time, gangs selling drugs on the dark web established themselves on Telegram. Those dealing in pornographic material followed suit. Soon, bot accounts – automated chat systems – were set up, offering convincing fake nude photos, also known as deep nudes. Users simply uploaded the target’s photo, made payment to the specified account, and downloaded the generated deep nude. Thanks to AI, these bots now also offer video deepfakes. Then came the really dark stuff – Child Sexual Abuse Material, or CSAM. The perverted form of pornography is now a thriving industry, with groups with names as innocent as “Pizza Delivery.”

“CSAM networks use the Telegram platform as a secret space where they can conduct their activities in secret. Telegram’s platform features facilitate the exchange of illegal material and the coordination of exploitation attempts. Public and private channels provide forums where perpetrators can share images, videos, and links to illegal content with impunity,” according to an April 2024 report by The OSINT Team, a collective of open source intelligence experts that combs through open-domain material for intelligence.

This is also confirmed by an FBI press release issued last November, following the arrest of a former FBI contractor for allegedly purchasing CSAM materials via Telegram.

“According to court documents, beginning in February, Brett Janes, 26, of Arlington, Virginia, enticed a 13-year-old minor he met through Valorant, a popular first-person shooter, to play “strip” games in a Discord video chat. Janes threatened to commit suicide and sent the victim payments via CashApp to convince the victim to create and send him CSAM. He convinced a 12-year-old boy to produce CSAM and attempted to entice another minor boy to produce CSAM. Janes also admitted to purchasing hundreds of videos and images of CSAM via Telegram,” the press release said.

And finally, we have cyberterrorism. In 2022, when the Rail Yatri data was hacked and leaked onto the dark web by an Israeli hacking group, this writer reached out to an independent cyber expert to ask for help in interviewing the hackers. The expert simply replied with a Telegram ID, followed by a message: “Just message him on TG bro, he also gives out samples.” Durov’s arrest has intensified the age-old debate about privacy versus censorship. But as always, while the debate rages, it is the common man who suffers.