Telegram War Front

Η Research (CPR) monitors the activities taking place on Telegram and has collected a series of relevant data surrounding the current conflict in Eastern Europe.

On the day Russia invaded Ukraine, CPR reported a sixfold increase in the number of Telegram war groups.

Το 71% των ομάδων αυτών που παρακολούθησε η CPR προωθούν flash news με μη επεξεργασμένες και συχνά ανεπιβεβαίωτες πληροφορίες. Το 23% έχουν συσταθεί για να συντονίζουν κυβερνοεπιθέσεις κατά της Ρωσίας, κυρίως DDoS. Το 4% των ομάδων στο Telegram ζητούν δωρεές σε κρυπτονόμισμα για την υποστήριξη της Ουκρανίας. Σε μια νέα δημοσίευση, η CPR παρέχει και παραδείγματα για κάθε μία από τις ομάδες, καθώς και τέσσερις συμβουλές κυβερνοασφάλειας για τους που χρησιμοποιούν το Telegram.

Some Telegram groups that coordinate cyberattacks in Russia have more than 250.000 users

– Η CPR παρέχει παραδείγματα από μια ομάδα που ζητά από τους χρήστες να επθούν σε ρωσικούς ιστότοπους, καθώς και με επιθέσεις μέσω SMS και κλήσεων

- CPR urges people wishing to make donations to Ukraine to be careful when sending money

Check Point Research (CPR) has been closely monitoring Telegram throughout the current Russia-Ukraine conflict, reporting that conflict-themed Telegram groups grew by 6x the day Russia invaded Ukraine. CPR has distinguished the groups based on three different characteristics, which are:

A. Flash News and Updates (71% of groups observed)
B. Hacking \ Hacktivist groups targeting Russia (23%)
C. Donation requests for Ukraine (4%)
D. Other issues related to the conflict, some inactive and without users (2%)

Characteristics and examples of group A: Flash News / Updates

Basic features:
- Very active
– Χιλιάδες την ημέρα, 24/7
Reports unprocessed, uncensored reruns of war zones
– Shares unconfirmed information and possible

Figure 1. Live news channel “Russia vs. Ukraine Live news ”with over 110K users on Telegram


Figure 2. War reporting channel in Ukraine, with over 20 thousand users on Telegram


Characteristics and examples of group B: Hacktivists targeting Russia

Basic features:
- Hackers, IT Professionals and other "IT fans".
- Teams are used to coordinate attacks and select targets
- Teams assist each other in carrying out attacks and exchanging results
Some groups have more than 250.000 users
- DDoS the most common attack request, followed by attacks via SMS and calls

Figure 3. SMS attacks and calls to Russian targets


Figure 4. The Mark team invites users to attack Russian websites by providing URLs.


Characteristics and examples of group C: Donation scams
Basic features:
- Most donations require a cryptocurrency
- Teams have tens of thousands of users
- Many groups are suspicious and most likely fraudulent

Figure 5. Group raising funds through Bitcoin and Ethereum accounts - Over 20k users


Figure 6. Donation support team for Ukraine on Telegram


Comment by Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software:

"Telegram has become a digital arena of conflict, where people choose sides on the internet. We see people from all over the world organizing and having the resources to support either Russia or Ukraine. Some groups are coordinating cyber attacks targeting Russia. Other groups serve as information and news hubs to present the raw side of the war. Other groups are demanding money either to support Ukraine or to commit fraud. Overall, we have seen a sixfold increase in Telegram groups on the Russia-Ukraine war since the day Russia invaded Ukraine. I highly recommend that people keep a close eye on their Telegram activity and the types of people they can come in contact with. There is a side in the Telegram that wants to take advantage of the supporters of either Ukraine or Russia. We are currently sharing what we see in the Telegram and our initial comments. We will continue to monitor the activity on Telegram in the coming weeks ".

Cyber ​​security tips for Telegram users

1) Do not click random links. Μην πατάτε σε συνδέσμους που έχουν άγνωστη σε εσάς προέλευση, ειδικά σε περιόδους ς και ακραίων περιστάσεων. Οι εγκληματίες μπορεί να εκμεταλλευτούν την κατάσταση για να προσπαθήσουν να κλέψουν διαπιστευτήρια, προσωπικά στοιχεία και άλλες προσωπικές πληροφορίες, στέλνοντας κακόβουλο λογισμικό ή συνδέσμους phishing
2) Beware of suspicious requests. If a message from an unknown source makes a request or request that seems unusual or suspicious, this may be an indication that it is part of a phishing attack.
3) Think φορές πριν στείλετε χρήματα. Sending money to unknown sources for help can often lead to fraud. Be careful who you contact and what kind of information you are asked to provide. Social media messaging is not the right platform for big financial transactions, especially in unrecognized sources.
4) Verify your sources. Follow the news and seek the "truth" from reliable sources that you can trust. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).