Stolen financial accounts are still being sold on Telegram

Cybersixgill researchers studied the criminal side of Telegram and report that criminals are still using the messenger to sell stolen financial accounts.

In compiling the report, experts filtered out spam from bots and focused only on data of interest containing certain keywords related to money laundering and the sale of financial accounts. Although Cybersixgill eventually concluded that Telegram financial account sales were down in 2021, the scale of the problem is still large.

Analysts believe that the sharp 60% drop in sales (compared to 2020) was mainly due to the reduction in credit cards issued during the pandemic.

Be that as it may, PayPal accounts are most often traded on Telegram, as well as Chase and Western Union.

Cybersixgill explains that buyers use most of the compromised PayPal accounts to buy hard-to-trace cryptocurrencies, essentially laundering money in this way. Moreover, criminals offer money transfer services directly on Telegram, helping other attackers to hide the origin of the stolen funds.

To a lesser extent, Telegram channels sell bank card data, with about half of them including CVV/CVV2 codes required for online purchases. Prices range from $10 to $1,500 per card, depending on its balance and “freshness” of the data. For example, if the cardholder has not yet realized that he has been hacked, and the bank does not yet know about what happened, the price will be higher.

Finally, Telegram has special channels where bank logs (credentials) are traded, which can also be used for electronic payments.

Let me remind you that we also said that the DDoS attack in Iran was conducted through Telegram proxy servers, and that the number of fake vaccination certificates sellers in Telegram increased 10 times.