A new analysis from Kaspersky Digital Footprint Intelligence highlights a concerning trend amid worries about Telegram's security: cybercriminals are increasingly using Telegram for operations related to the underground market.

According to the survey, hackers are actively trading different types of illicit services, discussing fraud strategies, and distributing stolen datasets over Telegram groups and channels. This involves initiating DDoS attacks, falsifying papers, and paying out stolen money. Kaspersky's analysis indicates that compared to the same period last year, the volume of such posts increased by 53% in the previous two months.

This increase in criminal behavior on Telegram is being caused by a number of variables. First off, there are 900 million monthly users of the messaging app, which is a huge user base. Second, Telegram misleads thieves into believing it to be a private, secure network that doesn't gather user data. Furthermore, it's not too difficult to locate or start a Telegram group, which makes it possible for illegal channels to rapidly amass followers.

There is a trade-off between Telegram's reduced entrance barrier and limited dark web forums. Overall, cybercriminals on Telegram are often less experienced. The ease with which one may locate and join criminal networks, however, counteracts this. Additionally, Telegram lacks a reputation system, which is typical of forums on the dark web and makes it simpler for con artists to trick users of the network.

Apart from illicit activities, Telegram has surfaced as a forum for hacktivists. Hacktivists exploit Telegram's vast user base and quick material dissemination to provoke denial-of-service attacks and other disruptive activities directed at specific companies. The public can also access stolen material via Telegram's shadow channels.