Telegram Archives

AppWizard

December 25, 2024

Telegram global MAU 2024

Telegram was launched in March 2014 and has consistently increased its monthly active users since then. By July 2024, the number of active users is projected to reach impressive heights. The platform experienced steady growth from 2015 to 2019 as users sought alternatives to mainstream messaging services. In 2020, it saw a surge in popularity due to increased demand for secure communication. From 2021 to 2024, Telegram continued to expand by introducing innovative features and maintaining a commitment to user privacy.

AppWizard

December 24, 2024

Controversial messaging app Telegram is profitable, says its founder. Here’s how it makes money.

Encrypted messaging service Telegram has achieved profitability after 11 years of operation, with revenue surpassing billion in 2024 and cash reserves of 0 million. CEO Pavel Durov attributed this success to advertising and premium subscriptions. The company introduced initiatives like a revenue-sharing model for content creators and a premium subscription tier priced at .99 per month. Telegram has reduced its billion debt and noted a significant turnaround from the previous year, when it reported a loss of million on revenues of million. Despite its financial success, the platform faces global scrutiny over misinformation and limited content moderation, with bans in several countries and a history of being prohibited in Russia from 2018 to 2020.

AppWizard

December 23, 2024

Telegram founder says messaging app profitable for first time

Pavel Durov, founder and CEO of Telegram, announced that the platform achieved a net profit for the first time in 2024, with annual revenues exceeding one billion dollars. Telegram has over 950 million users and has shifted to a monetization model that includes paid subscriptions and advertisements since 2021, resulting in a tripling of premium service subscribers to 12 million. The company has cash reserves exceeding 0 million, excluding cryptocurrency assets. Durov faced legal issues in France related to content management but criticized the authorities' approach. Telegram is using artificial intelligence for content moderation to address misuse, while asserting that 99.999 percent of its users do not engage in criminal activities.

AppWizard

December 16, 2024

Android users warned of chilling Russian spy attack that records phone calls

Recent findings from Lookout reveal malware targeting Android devices, specifically designed to record phone calls and access personal photos. This malware is hidden in counterfeit versions of popular apps like Telegram and Samsung Knox. Two strains identified are BoneSpy, operational since 2021, and PlainGnome, discovered earlier this year, both linked to the Gamaredon group associated with Russia's FSB, primarily targeting Russian-speaking users. BoneSpy can collect text messages, record audio and calls, capture location data, take pictures, access browser history, and read notifications. PlainGnome includes all these features but operates more stealthily, recording audio and calls only when the device is idle, making detection less likely. Neither strain has been found on Google Play, suggesting victims install it through social engineering attacks. Signs of infection include being signed out of Google accounts, persistent pop-up ads, alerts about viruses, malfunctioning antivirus software, decreased device speed, unexpected storage loss, and unauthorized changes to browser settings. Users may also notice their contacts receiving messages they did not send.

Tech Optimizer

December 16, 2024

AI-powered deception: The sneaky macOS malware masquerading as your next video call

Artificial intelligence (AI) is being used by cybercriminals to enhance their scams, exemplified by a malware called Realst that masquerades as video-calling software. This malware targets macOS and Windows users and has been active for about four months. The hackers behind Realst operate under the fake company name "Meetio" and have used various aliases. They employ social engineering tactics, often contacting victims through platforms like Telegram, presenting fraudulent business opportunities, and leading them to download the malware from a deceptive website. Once installed, Realst scans for sensitive information, organizes it, and sends it to a remote server. It can extract credentials from applications like Telegram and web browsers. To protect against such malware, users are advised to verify software sources, be cautious of unexpected contacts, enable two-factor authentication, use strong passwords, keep software updated, and consider personal data removal services.

Tech Optimizer

December 14, 2024

New HeartCrypt Packer-as-a-Service (PaaS) Protecting Malware From Antivirus

HeartCrypt is a packer-as-a-service (PaaS) developed in July 2023 and launched in February 2024, designed to help malware operators evade antivirus detection. It has facilitated the packing of over 2,000 malicious payloads across 45 malware families. HeartCrypt injects harmful code into legitimate executable files, complicating detection by antivirus software. It is promoted on underground forums and Telegram channels, charging a fee per file for packing Windows x86 and .NET payloads. Its clients include operators of malware families like LummaStealer, Remcos, and Rhadamanthys. The packing process involves several techniques: - Payload Execution: The payload is encrypted with a single-byte XOR operation and executed through process hollowing or .NET framework capabilities. - Stub Creation: Position-independent code (PIC) is integrated into the binary’s .text section. - Control Flow Hijacking: The entry point of the original binary is altered to redirect execution to the malicious PIC. - Resource Addition: Resources disguised as BMP files contain encoded malicious code. - Obfuscation Techniques: Multiple layers of encoding are used, including stack strings and dynamic API resolution. HeartCrypt employs anti-analysis techniques such as loading non-existent DLLs to detect sandbox environments and using virtual DLLs to evade Windows Defender’s emulator. The service lowers entry barriers for malware operators, potentially increasing malware infections. Security researchers have analyzed HeartCrypt payloads, revealing insights into its operations and associated malware campaigns.

AppWizard

December 10, 2024

Telegram becomes top messaging app in South Korea amid censorship worries

New installations of Telegram in South Korea surged to 40,576 on the day President Yoon Suk Yeol announced martial law, significantly up from 9,016 the previous day. From Tuesday to Friday of last week, Telegram became the most downloaded mobile messenger in the country, rising from its previous position as the fourth most downloaded app. This increase is attributed to concerns about potential media censorship and the shutdown of domestic apps like KakaoTalk. Following the brief martial law, former Defence Minister Kim Yong-hyun was questioned as part of a treason investigation and later resigned, presenting himself to prosecutors, who then took him into custody under emergency arrest provisions.

AppWizard

December 5, 2024

Social Media and Messaging Apps Turning to Gaming

The average person spends at least two hours on social media daily, leading platforms to compete for user engagement. The gaming industry has become a significant competitor in this arena. Telegram has become a hub for blockchain gaming, particularly through TON, featuring innovative play-to-earn (P2E) games and Mini Apps that enhance the gaming experience. Casino bots on Telegram allow users to play games like blackjack and poker directly within the app. Facebook continues to integrate gaming into its platform, supporting instant games on Messenger and gaming groups, despite discontinuing its standalone gaming app in 2022. Snapchat introduced Snap Games in 2019, utilizing augmented reality to create interactive multiplayer experiences, although this feature is no longer available. Instagram incorporates gaming elements through interactive quizzes and polls in Stories, and serves as a platform for gaming content influencers. WhatsApp has unofficially integrated simple games through third-party bots, allowing users to engage in casual play within chats, despite not offering official gaming features.

AppWizard

December 5, 2024

Hackers May Be Reading Your Texts — U.S. Officials Urge All Americans to Use Encryption Messaging Apps in the Wake of Massive Cyberattack

A cyberattack attributed to Chinese hackers has compromised the data of over 1 million customers, targeting major telecommunications companies like AT&T, Verizon, and Lumen Technologies. The hackers may have intercepted live conversations and accessed private text messages, with political figures, including campaign teams for Donald Trump and Kamala Harris, being potential targets. Security experts stress the importance of encryption for safeguarding communications, recommending secure messaging applications like Signal Private Messenger, Telegram, or WhatsApp. There are concerns that the hackers may still be present in the telecommunications networks.

AppWizard

December 5, 2024

New DroidBot Android malware targets 77 banking, crypto apps

A new Android banking malware called 'DroidBot' targets the credentials of over 77 cryptocurrency exchanges and banking applications in several European countries, including the UK, Italy, France, Spain, and Portugal. Discovered by Cleafy, it has been operational since June 2024 and functions as a malware-as-a-service (MaaS) platform with a subscription price of ,000 per month. At least 17 affiliate groups are using malware builders to customize their attacks. DroidBot has caused 776 unique infections across the UK, Italy, France, Turkey, and Germany. The developers, believed to be based in Turkey, provide affiliates with tools like a malware builder and command and control servers. DroidBot disguises itself as trusted applications to deceive users and includes features such as keylogging, overlaying fake login pages, SMS interception, and remote control via Virtual Network Computing. It exploits Android's Accessibility Services to monitor user actions. Targeted applications include Binance, KuCoin, BBVA, Unicredit, Santander, Metamask, BNP Paribas, Credit Agricole, Kraken, and Garanti BBVA. Users are advised to download apps only from Google Play, scrutinize permission requests, and activate Play Protect.