Much easier than on the darknet: darknet market on Telegram

Telegram has made headlines as the home of right-wing radicals. But it is not only political extremes that are spreading there, but also darknet markets traders.

Those who have searched for darknet markets offers for narcotics, weapons or stolen accounts on the Internet have usually had to make an effort to use the Tor browser and use it correctly. In the meantime, such offers can also be easily found via the Messenger Telegram. For this, it is sufficient to try the global search function in Telegram and type in the desired goods. There, the app lists not only individual vendors, but entire groups and channels in which traders present illegal goods of all kinds. Our research took only minutes to encounter vendors selling hard drugs such as heroin, cocaine or crystal meth. We also found other search terms and were presented with sharp weapons and fake master letters.

The technical hurdle at Telegram is so low that even less savvy users can find and participate in these groups. For the use of the messenger, a smartphone is sufficient, which can receive a single SMS for registration. Quite different in the "classic" darknet:You would first have to set up the Tor browser and understand the concept of the Tor network. While the Tor network is notoriously slow and services and pages often change addresses, communications and trading at Telegram happen in real time and the providers are easy to find. Also, the channels seem considerably more serious by framing the professionally designed messenger than the Tor platforms, which are often reminiscent of the web of the 90s. And on Telegram you will find all the offers on German.

Professional infrastructure

In so-called advertising groups, people post references to other groups or offers. The whole thing often seems like a loose association of unsorted posts. However, the groups are managed by their administrators with the support of sophisticated bots. The bots separate people from other bots, welcome new members and tell them the group rules. Such bots are also used in perfectly legal chat groups. Elements typical of legal trading platforms such as regular special offers, product rating systems or bonus programs are also available. In many of the groups, at least in the rules, the trade in narcotics, drugs and weapons is prohibited, but this is not consistently enforced.

The offers in the groups do not only include weapons and drugs. Retailers also offer prescription drugs, anonymous SIM cards or stolen accounts from streaming services. On some channels, Hollywood movies are uploaded – often alternating with conspiracy propaganda. Telegram allows uploading a maximum of 2 GB of large files. But that's enough for a full-length feature film in Full HD. Anonymous SIM cards and software copies for various operating systems are also traded there.A trader neatly lists his drug supply. Those who buy larger quantities even get a discount.

Fake documents and products

Until now, classic counterfeit products were more likely to be found on Facebook and forums. In the meantime, they have spread to Telegram. Retailers offer counterfeits of luxury brands such as Dolce & Gabbana or Gucci. Product rating scammers who falsify shop reviews also find so-called "testers" here. These vendors reimburse customers for the purchase price of certain products on platforms such as Amazon when they write positive product reviews. In this way, the often very cheap products are to be upgraded. Providers of illegal IPTV and card sharing services also report almost daily to the darknet markets .

A trade in forged documents is also taking place. One of the providers we found in the course of the searches receives fake registration certificates, master letters or MPU certificates for 70 to 1250 euros – payable via Bitcoin. According to the provider, the documents are all marked with real signatures and stamps on "original paper". How professional the service works is shown by the interaction with the trader. The communication takes place using a sophisticated Telegram bot, which has submenus for numerous document types. If you have clicked on the desired product, you will get a link to a Bitcoin payment service provider.You buy fake documents through a professional-looking Telegram bot.

The bot sends darknet markets links to services to users who don't have bitcoins to help them convert cash into bitcoins. If you have further questions, you will find a detailed FAQ collection, which informs about delivery times and necessary data. Customer uncertainties are dispelled with well-made info texts claiming that the documents were created by "partners & employees of the respective institution". The forged documents will then be sent by post or as a PDF with delivery times between three days and four weeks.

Telegram does not delete

The fact that Telegram is so attractive for such offers as for extremists is partly due to the fact that the operator deletes only a little even after reports from users. The groups we reported eight weeks ago have not been deleted, despite apparently illegal trade until the editorial deadline.

In addition, Telegram is attached to the fact that it is safer and more anonymous than other messengers. However, this is only partially true. While in the often reviled WhatsApp all communication is end-to-end encrypted, with Telegram you have to start a private chat. A normal chat is only transport-encrypted and runs in plain text via the Telegram servers. Darknet market chats and channels cannot encrypt Telegram end-to-end due to principle. In addition, the encryption called MTProto is developed by the company itself and is criticized by some cryptologists.Not only pistols, but also machine guns are offered by the darknet market on Telegram.

This seems to weigh some users and providers in safety, so they appear with a clear name or visible phone number. But perhaps the low entry hurdle is taking revenge and users are unaware of their easy identification.

Authorities have little access

For the police, trading via telegram is difficult to punish, because Telegram does not release any data about users. It is not known where the service's servers are located. The Russian company has also already resisted attempts by the Russian government to share the encrypted data of its users. Meanwhile, the government has stopped its efforts and lifted a ban on messengers.

It is known that the BKA has been monitoring Telegram for a long time. This is achieved by using several devices with a Telegram account. All that is required to log in is an SMS that the authorities can easily intercept. However, this only works if two-factor authentication is not active.

The BKA told c't that the offers on the darknet market have become more professional over the years, but it is also noticeable among Telegram groups that "more and more administrative structures, such as moderators, are forming to check the dealers."

At the request of c't, the Bavarian State Criminal Office stated that it was known "that the chat platform Telegram is occasionally used for criminally relevant matters". However, there is no information on specific current events on the platform. Furthermore, the Bavarian LKA assumes that "potential incriminated transactions are preferably carried out via the darknet market or TOR network, since there is a much higher technical effort to conceal the identity of buyers and sellers".

According to the Federal Ministry of Justice, Telegram does not use the Network Enforcement Network (NetzDG), which obliges providers to report such cases. "When the NetzDG was created, the focus was deliberately placed on the major social networks that are particularly relevant for public opinion," said a spokeswoman for the Federal Ministry of Justice.

Old patterns, new ways

Trade in illegal goods is not a new problem. Until now, however, the Internet required a minimum of technical expertise to get such offers. The detectability via Telegram massively lowers the hurdle. Even unneeded users will find drugs, weapons and counterfeits in a matter of seconds.

Comments 0

Leave a comment

Cancel reply

Login to leave a comment