Why monitoring the most popular P2P messenger should be a cybersecurity priority
The cloud-based encrypted communication platform Telegram became an overnight sensation owing to a WhatsApp outage that occurred in 2018. Since its inception in 2013, Telegram's user base has grown to a whopping 400 million, as of April 2020. The non-intrusive nature of the app, in contrast to the likes of Facebook Messenger and WhatsApp, is another reason for its popularity.
However, over the years, the app and its developer Pavel Durov have also been on the receiving end of some criticism. Telegram's anonymous, secure connection allows users to access selectively prohibited networks and websites. Like various proxy servers and VPN services, Telegram is completely or partially banned in several countries that are unwilling to risk national security. Furthermore, the app is not as secure as it claims to be. Its security flaws have been a major cause of data leaks.
In Russia, a struggle between the Federal Security Service (FSB) and Telegram after the St. Petersburg bombing resulted in the application's ban in 2018. Pavel Durov refused to share the encrypted messages of the suicide bomber, who was apparently active on the messaging platform. A court maintained that the app would remain banned until its developer agreed to hand over its data encryption keys to the authorities. Russian authorities failed to uphold the ban successfully and decided to lift it only recently.
In 2016, 15 million Iranian users' records were leaked following a major data breach. Iranian hackers exploited security flaws in Telegram to compromise accounts. In particular, they hacked the SMS verification codes that are generally sent to users. This attack targeted Saudi royals, NATO officials, and even nuclear scientists.
In a more recent event, pro-democracy campaigners in Hong Kong coordinated their demonstrations against their government using Telegram. Although the app has been banned in the country since 2015, users found a way around it.
In Germany, the police launched a crackdown on criminals to prevent premeditated crimes. For this, they only had to use proprietary software to hack into Telegram correspondence. The police successfully carried this out for two years.
The anonymity associated with the app is a concern for regulators and governments, because it increases the odds that the app's features will be misused. Activity on Telegram should therefore be monitored, for the following reasons:
Although users tend to think that all their correspondence is encrypted and secure, the app requires you to change the settings to "activate" end-to-end encrypted chats. Most users are not aware of this.
Telegram relies on symmetric encryption and uses the proprietary protocol MTProto, making it difficult for external cryptographers to audit its efficacy.
Researchers have uncovered flaws in the app whereby an attacker can snoop on significant data about the user, apart from their chats. For instance, the attacker can figure out when the user is online and offline. This could in turn help them determine who the user is talking to, which is a rather serious flaw.
In a 2016 report by MEMRI, Telegram was referred to as "the app of choice for many ISIS, pro-ISIS and other jihadi and terrorist elements." Terrorist organizations weaponize Telegram to disseminate hatred and misinformation. The anonymity that the messaging app offers indirectly endorses criminal activities that are harmful to civilians and governments alike.
Recent research from Symantec indicates that media files shared on WhatsApp and Telegram can be manipulated using malware. This security flaw, known as media file jacking, exists on Android devices. It allows attackers to intercept the process by which applications save media files to the device's storage.
The "Masad Clipper and Stealer" malware, which allows hackers to access users' personal information and their crypto wallets, was sold via Telegram channels. The Telegram channel also served as a makeshift command and control for the same malware.
CloudSEK's proprietary cyber threat monitoring platform XVigil gathers information from Internet Relay Chat (IRC) and chat rooms (for instance, Telegram channels). The platform then detects conversations that are intended to obtain information about your organisation and weaponize it against you. XVigil crawls across various parts of the internet to find mentions of your digital assets, so that you can take proactive measures to prevent any external threats to your brand and infrastructure.