Messaging applications like WhatsApp and Facebook Messenger serve as important tools that you can use to collaborate and communicate with your friends. There are various apps that allow you to send and receive information via encryption – sometimes personal and private data, as well. These communication tools bring our world closer together.
But what happens when these apps are compromised? What do you do when the very tools you’re using to communicate with your friends present issues for your cyber security?
Hackers find their way into Telegram
Telegram is a messaging application that has taken the place of other, more popular tools. According to Trend Micro researchers, this app recently became the stand-in for WhatsApp in places like Brazil. At one point, WhatsApp had 93 million users in Brazil, but that number has steadily been decreasing ever since the Brazilian government issued a court order to telecommunications providers to block access to the app (because the creators of the app refused to cooperate with the feds for criminal investigation purposes).
Besides the fact that they can no longer use WhatsApp, users find Telegram attractive for a number of reasons, including features like seamless multi-device access and the ability to auto-delete messages after a certain period of time. According to Hackread, the app, which allows people to send encrypted messages, has 100 million active monthly users and is compatible with numerous popular systems, like Android, iOS, Windows Phone, Windows, OS X and Linux.
With the move of the people to Telegram, hackers followed suit. Trend Micro researchers reported at the end of June that cyber criminals are finding ways to infiltrate the messaging app and steal credentials. Most of the criminals selling this stolen information on the black market are high-school age. The lure of targeting these apps is simple: It’s a fast, easy way to make money for young people who might not otherwise know how to start their careers in anything else, and it’s fairly easy to learn how to do.
Spreading across the globe
Users in Brazil aren’t the only ones suffering from intrusions in their messaging services. Business Intelligence contributor James Cook reported in early May that Russian activists Oleg Kozlovsky and Georgy Alburov claimed that their Telegram apps had been illegally accessed. They said that the accounts had been accessed by someone who requested confirmation codes, which were sent via text message. Instead of blaming the actual Telegram app, however, the activists are targeting the Russian telecom provider MTS, on the charge of having helped this malicious actor log into the account.
Elsewhere, hackers are still gaining private user information through devious means. According to TechRasa, the Iranian cell phone network Irancell was infiltrated at the beginning of July. This hack leaked the credentials of 20 million Iranians.
The problem has become so rampant that the Defense Advanced Research Projects Agency is planning to create an “ultra-secure” messaging app for the U.S. military, according to The Hacker News. DARPA explained that by using standard encryption tools in addition to a decentralized protocol like Blockchain that would serve to prevent cyber attacks and surveillance.
“[The app would] separate the message creation, from the transfer (transport) and reception of the message using a decentralized messaging backbone to allow anyone anywhere the ability to send a secure message or conduct other transactions across multiple channels traceable in a decentralized ledger,” DARPA explained.
The vendors of these messaging apps aren’t to blame for these hacking incidents. Cyber criminals are simply infiltrating the tools, as hackers are wont to do. However, it does indicate a troubling trend of these malicious actors specifically targeting the ways we use to communicate with each other. There is a growing community of cyber criminals that share information about how to undertake this kind of activity.
“Most [hackers] are certainly self-taught/self-starters, obtaining knowledge and skills by joining and participating in forums – judging by the number of hacking/carding tutorials and how-to guides they share with other group members,” Trend Micro researchers wrote.
A simple Google search for “hack messaging apps” brings up more than a million hits, the first of which are how-to guides for targeting these applications and infiltrating them in order to steal information. Therefore it’s critical, in this climate of hackers educating hackers about how to pull off complicated attacks, that users become even more aware of their activities when they’re using these kinds of apps and make sure they are taking the proper steps to protect themselves.
Cyber criminals find new ways to intrude on people’s lives on a constant basis, and messaging apps provide them with the perfect opportunity to gain important information about the common user. By following best practices regarding app use and mobile cyber security, users can hopefully preclude any wrongdoing.