Check Point Research (CPR) has been monitoring activities occurring on Telegram observed from around the current conflict after Russia attacked Ukraine.
Telegram has become a digital forefront for cyber attacks, fraud and news feeds with cyber criminals and hacktivists leveraging the messaging app for conflict-related activities.
CPR has documented a six-fold increase in Telegram groups themed on the war on the day Russia invaded Ukraine.
Check Point’s threat intelligence arm, has been closely monitoring Telegram throughout the current Russia-Ukraine conflict, and has characterised these groups:
- Flash news and updates (71 per cent of groups observed)
- Hacking\hacktivist groups targeting Russia (23 per cent)
- Ukraine donation requests (4 per cent)
- Other subjects relating to the conflict, some non-active and have no users (2 per cent)
- Characteristics and examples of Group A: Flash news/updates
Telegram has become a digital forefront of the conflict, where people are choosing sides online, according to Oded Vanunu, head of products vulnerabilities research at Check Point Software.
“We’re seeing people from all corners of the world organising themselves and resources to support either Russia or Ukraine.”