“Is This You?” The Parler Migration to Telegram Is a Hacker’s Paradise
Early 2021 has seen an inspiring evolution in the way people communicate online. Unfortunately, hackers are eager to find ways to exploit these advances, particularly in forums where politics are discussed, and especially on the conservative side.
Case in point: the various platforms where citizens discussed QAnon conspiracy theories and the MAGA agenda. Most of the platforms experienced a shake-up following the riots that resulted in the breach of the Capitol in Washington, DC.
The platforms derided by what has become a mass exodus from traditional Big Data social media are Twitter, Facebook, Instagram, WhatsApp and TikTok. The companies that hosted the “problem” include Amazon, Apple, Facebook and Google. The migration landed primarily at Gab, Parler, Rumble and Signal, as well as some smaller players in the messaging game.
In its never-ending march to a post-privacy society, Facebook announced it would deploy data associated with its nearly 2 billion users throughout the company’s ecosystem of apps on the same day as the riot — January 6. The announcement was met with universal disapproval, but it quickly became more amplified on the Right, since it coincided with the deplatforming of former President Donald Trump and riot participants who posted their crimes in the Capitol online. The right-wing Twitter alternative Parler was swamped with new users and then shortly thereafter taken offline by its hosting provider, Amazon Web Services.
That’s an enormous number of people moving digitally, and the move concomitantly provided an opportunity for hackers. The secure messaging service Signal reported periodic outages from the influx of new users, and Telegram added 25 million new users over a 72-hour period, according to its CEO.
Although the privacy and security settings offered by alternative messaging services like Telegram and Signal may appeal to users looking for a secure place to exchange views and information, they may not be as failsafe an option as they seem.
Reports of hacking are already circulating. I was contacted by a person who was doing research on QAnon in the wake of the riot who had a surprising interaction. While messaging on Telegram with Trump supporters and QAnon fans, a photo that only existed on the hard drive of his computer appeared in the message thread.
“Is this you?” one of the Telegram users asked.
“I immediately shut down my laptop and unplugged it from the internet,” John Q Public said (he prefers not to be identified further). After running multiple malware scans on his computer, he still has no idea how the members of the Telegram chat room were able to access his data.
The answer may be something — an image or link — that he clicked on while doing his research. Spyware and malware that are spread via messaging platforms are by no means new: Messaging apps have been used to spread everything from e-skimming programs to ransomware in recent years, including an infamous hack of Amazon CEO Jeff Bezos, apparently via a file transmitted through WhatsApp.
At least part of the problem here is that many of the security claims made by messaging and online communication platforms can give users a false sense of security.
That being the case, it’s important for anyone seeking a new messaging platform to keep the following in mind, regardless of political affiliation:
- Just because a platform is end-to-end encrypted doesn’t mean you’re secure. It may just mean a hacker is able to send malware directly to you by way of a secure connection.
- Photos, video files, or any kind of download can be a delivery mechanism for malware. Once you’re seeing a file, it’s on your computer.
- Practice extreme caution when downloading and installing apps on your personal devices. Make sure that the app is from a legitimate source (Apple’s app store or Google Play in most cases), and be sure that it isn’t requesting more access to your data than is strictly necessary.
- Use anti-malware software, and practice basic data hygiene such as using strong, unique passwords.
- Avoid clicking on links or opening attachments sent via text, email, or app.