Telegram’s Cybercrime Channels

also ft; DDoS’ Multiplied Threat Tendencies

CybAfriqué is a space for news and analysis on cyber, data, and information security on the African continent.

Cryptocurrencies in Africa are quite a big deal. Apart from the large volume of illegal trade activities moved using this invisible currency, it is a hot topic as far as regulations are concerned. However, that was not the focus of this edition; several Telegram users have at one point or the other, whether active or not, been added to groups which are known to act clandestinely, some of whom are cybercriminals. This is however brought to the limelight since the CEO, Pavel Durov’s arrest. We also covered the impact of DDoS attacks using the multiplier theory, terrorist propaganda on Tiktok and others.  

— Adebola. 

HIGHLIGHTS 

DDoS’ Multiplied Threat Tendencies 

DDoS, Distributed-Denial-of-Service has a ‘multiplier effect’ on the scale of threats in the African cybersecurity ecosystem. Analysing the Cybersecurity threatscape of African countries 2022–2023 in a report published last July, many organisations regularly encounter DDoS problems and are typically targeted at government and financial institutions. In July 2023, Anonymous Sudan, one of Africa’s most notorious hacktivist groups, revealed on its Telegram channel, where it was suspended later in the year, its plan to attack Kenya’s e-Citizen platform. 

As numbers of hackers continually increase, this “low-cost weapon” identified as DDoS creates more problems for African organisations to prepare for the possibility of a breach of their systems. The motivations behind DDoS attacks are hard to pinpoint as casualties range from disrupting business and stealing companies' and organisations' data to customer identity (ransomware). 

The EU and the US have built a cordial stance against paying ransom to cyber attackers in the global Counter Ransomware Initiative policy. They also have policies—the US Cyber Trust Mark Act and the EU Cyber Resilience Act (CRA)—targeted at the manufacturing industry demonstrating responses to alarming global statistics of cyber attacks. 

Africa’s cybersecurity resilience is yet to take significant form since many governments have not identified them as national security matters; the continent still faces problems tackling the latter. Recently, the U.S National Security Agency (NSA) in a blog post states that “Cybersecurity is no longer a separate domain – it’s integrated into everything we do to keep the United States safe from foreign adversaries.” 

“As Russia, China, Iran, North Korea, and others conduct cyberattacks on national security systems and the Defense Industrial Base, the National Security Agency is on the job, detecting attacks, defending networks, and distributing declassified intelligence to help private industry partners,” the post also read in part. 

Telegram’s Cybercrime Channels

Founded by Russian-born brothers in 2013, Nikolai and Pavel Durov, Online messaging app, Telegram, famously known for its encrypting or privacy features, has been detected to be a passage for illegal activities of cyber criminals. Its services have been restricted in several markets and countries owing to its private communication model which has strengthened e-crimes. The CEO, Pavel, a liberalist, has been cited for his open tolerance of terrorist communications on the app. 

Cybersecurity research company Flare, in different reports last year, addressed concerns that the messaging app is increasingly proliferated by cybercriminals. In one, it noted that the messaging app is an “outlet to trade stolen information, tools, or malware, hold victims of cyber attacks to ransom, and discuss their targets and tactics.”

More reports have surfaced especially in 2023 contributing to exposing the ‘dark web’ enterprise of the app. A recent BBC piece investigates different criminal operations on the app. 

Following Pavel’s visit to France in August for an alleged dinner with President Emmanuel Macron—subsequently denied by the latter—he was arrested for fraudulent schemes and conspiring with cyber criminals on the app. In a similar style, Binance executive Tigran Gambaryan has been in and out of court in Nigeria since February owing to money laundering activities on the platform. 

Pavel highlights the need for “free speech” in every society and criticises authoritarian governments working against the platform’s goal to amplify people’s voices. “We are driven by the intention to bring good and defend the basic rights of people, particularly in places where these rights are violated,” he wrote on his Telegram account. 

X, formerly called Twitter, is among other apps undergoing restrictions from the government owing to its free speech and uncensored internet activity by users. 

FEATURES 

• In Nigeria, terrorists are using TikTok to push propaganda but their expression of Hausa language and other minority lingua makes content moderation “complicated”. “These groups are aware of the limitations and have adjusted their strategies accordingly, migrating from platforms such as Facebook and moving to TikTok to create a community,” Silas Jonathan, a digital researcher tells HumAngle. 

HEADLINES 

• DR Congo Halts $1.2B Biometric ID Project Amid Financial Irregularities - Regtech Africa 

• Nigeria’s NDPC receives visit from Somali Data Protection Authority - Africa CyberSecurity Mag

• Collective action is needed to cut Scope 3 emissions in telecoms - Developing Telecoms

• NCC Grants Airtel Nigeria Licences to Enhance Connectivity - Regtech Africa 

• Binance urges Nigeria to end “unjust detention” of company executive after viral video - TechCabal

• Banks and fintech remain wary of Crypto despite new licences - TechCabal

• SARS intensifies focus on crypto traders - ITWeb

• Nigeria, China Move to Revive Local Currency Swap - Vanguard

• Police Swoop On Suspected Ponzi Scheme Gangs … 487 arrested in Kumasi - The Chronicle

• Two Nigerians Sentenced to Prison in the US for BEC Fraud - Security Week

• Minister seeks Hawks intervention in R89m Postbank fraud - ITWeb

• South Africa: Justice College, Sabric sign MoU against financial crime - Zawya

• Tanzania Inputs Twitter Ban Due To Rising Political Tensions - Tech in Africa 

• How not to conduct cyber awareness training: UCSC slammed for ‘tone deaf’ Ebola phishing tests - ITPro

ACROSS THE WORLD 

• US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures 

• LockBit claims breach on Canada’s largest school board: Is the group back with a vengeance? 

• Police investigate possible fraud over fake Sam Maguire 

• City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack 

• FBI: North Korea Aggressively Hacking Cryptocurrency Firms 

• South Korea to inspect crypto exchanges for suspicious transactions 

• Skybox Security report: Over 30k new vulnerabilities published in past year

• Everything we know about the TfL cyber attack so far

• Microchip Technology Confirms Personal Information Stolen in Ransomware Attack 

• Verkada Settles With FTC Over Poor Security Practices That Led to Camera Hacking 

• Fake Shell investment ads on Facebook deceive Canadians 

OPPORTUNITIES 

• Les Cafés de la Cybersécurité (The Cybersecurity Cafes) |  Lome, Togo | September 12, 2024 

• Personal Data Protection Authority (APDP), Benin ‘Open Day’ | Cotonou, Benin | September 13, 2024