“Is This You?” The Parler Migration to Telegram Is a Hacker’s Paradise

Getty Images

Early 2021 has seen an inspiring evolution in the way people communicate online. Unfortunately hackers are eager to find ways to exploit these advances particularly in forums where politics are discussed, particularly the conservative side.

Case in point the various platforms where citizens discussed QAnon conspiracy theories and MAGA agenda. Most of the platforms experienced a shake-up following the riots that resulted in the breach of the Capitol in Washington, DC.

The platforms derided by what has become a mass exodus from traditional Big Data social media are Twitter, Facebook, Instagram, WhatsApp and TikTok. The companies that hosted the “problem” include Amazon, Apple, Facebook and Google. The migration landed primarily at Gab, Parler, Rumble, Signal as well as some smaller players in the messaging game.

In its never ending march to a post-privacy society, Facebook announced it would deploy data associated with its nearly 2 billion users throughout the company’s ecosystem of apps on the same day of the riot — January 6. The announcement was met with universal disapproval but it quickly became more amplified on the Right, since it coincided with the deplatforming of former President Donald Trump and riot participants who posted their crimes in the Capitol online. The right-wing Twitter alternative Parler was swamped with new users and then shortly thereafter taken offline by its hosting provider at Amazon Web Services.

That’s an enormous number of people moving digitally, and concomitantly provided an opportunity for hackers. The secure messaging service Signal reported periodic outages from the influx of new users, and Telegram added 25 million new users over a 72 hour period according to its CEO.

Although the privacy and security settings offered by alternative messaging services like Telegram and Signal may appeal to users looking for a secure place to exchange views and information, they may not be as failsafe an option as they seem.

Reports of hacking are already circulating. I was contacted by a person who was doing research on QAnon in the wake of the riot who had a surprising interaction. While messaging on Telegram with Trump supporters and QAnon fans, a photo that only existed on the hard drive of his computer appeared in the message thread.

“Is this you?” one of the Telegram users asked.

“I immediately shut down my laptop and unplugged it from the internet,” John Q Public said (he prefers not to be identified further). After running multiple malware scans on his computer, he still has no idea how the members of the Telegram chat room were able to access his data.

The answer may be something — an image or link — that he clicked on while doing his research. Spyware and malware that are spread via messaging platforms are by no means new: Messaging apps have been used to spread everything from e-skimming programs to ransomware in recent years, including an infamous hack of Amazon CEO Jeff Bezos, apparently via a file transmitted through WhatsApp.

At least part of the problem here is that many of the security claims made by messaging and online communication platforms can give users a false sense of security.

That being the case, it’s important for anyone seeking a new messaging platform to keep the following in mind, regardless of political affiliation:

--

--

Founder, CyberScout. Co-founder, Credit.com.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store