The Ukrainian Coordination Centre for Cybersecurity (NCCC), a critical ad-hoc commission for coordination and control in the field of cybersecurity, banned the installation and use of Telegram on the official devices of government officials, military personnel, employees of the security and defence sector, as well as enterprises operating critical infrastructure.
There is evidence that Russian special services have access to the personal correspondence of Telegram users, even deleted messages, as well as their personal data. Telegram is actively used by Russia for cyberattacks, spreading phishing and malware, establishing the geolocation of users, geolocation targets for missile strikes, etc.
An illustrative story happened meanwhile with a sensitive Telegram chatbot of the Ministry of Defence of Ukraine, “Reserve+”, used to exchange data between recruits and the recruitment centre of the Ministry of Defence. The ministry started this tool but abandoned it over time, deleted the account, and left the URL "@reserveplusbot" behind. Immediately, ‘unknown hackers’ took advantage of this and took control of the chatbot. Pretending to be representatives of “Reserve+”, the fraudsters sent messages to recruits calling to install special software. It infected the computers and smartphones with Meduza Stealer malware. This virus can steal personal data from devices, analyse user activity in browsers and carry out attacks based on collected information. Telegram is reported to have been suspiciously slow in closing the fictitious account. Given the scale of use of the application “Reserve+” and the database available on the darknet, the number of victims can be conservatively measured in thousands.
댓글