Telegram: The Go-To Platform for Cybercriminals in 2024-2025

By /

Listen to this Post

Why Telegram Remains the Top Choice for Threat Actors

A new analysis of cybercriminal activity from January 2024 to January 2025 reveals that Telegram remains the most widely used messaging platform among cybercriminals. Despite increased scrutiny from law enforcement and growing competition from platforms like Discord, Signal, and TOX, Telegram continues to be the preferred choice for illicit activities.

Its dominance in the underground market is fueled by its extensive feature set, including API support, bot deployment, and large group hosting capabilities. However, concerns over security flaws and potential ties to Russia persist.

The arrest of Telegram CEO Pavel Durov in August 2024 and the platformā€™s announcement of increased cooperation with law enforcement in September 2024 triggered discussions about alternative platforms. Telegram started sharing user IP addresses and phone numbers upon legal requests in January 2025, yet no mass migration has been observed.

While Signal has gained traction, particularly in cybercriminal forums, its adoption remains far behind Telegram. Other platforms, like Discord, TOX, and Matrix, serve niche purposes depending on the type of criminal activity. However, Telegram often acts as the central hub for various illicit operations, cementing its position as an indispensable tool for cybercriminals.

What Undercode Says:

Telegram’s continued dominance in the cybercriminal world is a complex issue shaped by several factors, from technological convenience to evolving security concerns.

1. The Appeal of Telegram for Cybercriminals

  • User-Friendly Interface: Telegramā€™s intuitive design makes it accessible even to low-skilled threat actors.
  • Scalability: Groups can host up to 200,000 members, facilitating large-scale operations.
  • File Sharing & Bots: The ability to share files up to 4GB and automate tasks through bots enhances its utility.
  • Anonymity Perception: Despite increased cooperation with law enforcement, many cybercriminals still believe Telegram offers a degree of privacy.

2. Why Telegram Hasnā€™t Been Replaced Yet

  • Network Effects: The more users a platform has, the harder it is for individuals to migrate elsewhere without losing their contacts.
  • Feature Set: No other platform currently matches Telegramā€™s combination of scalability, automation, and ease of use.
  • Limited Alternatives: Signal, TOX, and Matrix have security advantages, but they lack Telegramā€™s widespread adoption.

3. The Impact of Law Enforcement Crackdowns

  • CEO Arrest & Policy Changes: Pavel Durovā€™s arrest and Telegramā€™s decision to share user data mark a shift in Telegramā€™s stance. However, cybercriminals have not abandoned the platform in large numbers.
  • Surveillance & OPSEC Concerns: More security-conscious actors are discussing alternatives, but the majority continue to use Telegram.
  • Adoption of Multi-Platform Strategies: Many criminals now use a mix of Telegram, Signal, TOX, and Discord to maintain redundancy.

4. The Role of Other Messaging Platforms

  • Signal: While some cybercriminals have started using Signal, its impact remains marginal due to its smaller user base.
  • Discord: Popular among younger hackers involved in gaming-related fraud but lacks end-to-end encryption for all chats.
  • TOX & Jabber: Preferred by ransomware operators but too fragmented to replace Telegram.
  • Matrix & Session: Used in niche criminal markets, but adoption remains low.

5. Future Trends: Will Telegram Lose Its Grip?

  • Potential Regulatory Pressure: Governments may push for stricter controls, potentially impacting Telegramā€™s user base.
  • Emergence of Decentralized Platforms: More criminals may shift to fully decentralized options like TOX or Matrix.
  • Adaptation by Cybercriminals: If Telegram becomes too risky, criminals will adapt by using coded language, burner accounts, and alternative communication methods.

For now, Telegram remains the backbone of cybercriminal communications, demonstrating resilience despite legal challenges and rising security concerns.

Fact Checker Results:

  1. Telegram still dominates cybercriminal communications despite rumors of a migration to Signal.
  2. Law enforcement intervention has increased but has not significantly impacted Telegramā€™s use among cybercriminals.
  3. Alternative platforms exist but are not yet viable replacements due to Telegramā€™s extensive feature set and established user base.

References:

Reported By: https://cyberpress.org/telegram-ranked-as-1-messenger-used-by-cybercriminals/
Extra Source Hub:
https://www.digitaltrends.com
Wikipedia: https://www.wikipedia.org
Undercode AI

Image Source:

OpenAI: https://craiyon.com
Undercode AI DI v2Featured Image

Explore More: