- Confidential and Proprietary - Luminar Annual Threat Landscape Report Page 18 marketplaces. Telegram further enables users to create and share programs using APIs and bots, allowing users to conduct automated tasks. Automation in messaging platforms makes it more appealing, convenient, and accessible for malicious actors. There are several information stealing malware that rely on Telegram for their functionality. Telegram can allow using bots that can be accessed via bot commands inside the app. After the malware is loaded onto a victim’s system, malicious actors can swipe steal information, having that information directed into a Telegram channel of their choosing. 45 Furthermore, hackers can use the bots to run their operations while remaining in the shadows and spread their influence more easily across chats and groups. Researchers found that the preference for Telegram was created due to a combination of simplicity and security found in the app, allowing cybercriminals to message others individually or in groups, as well as to receive or send large data files. Moreover, Telegram allows cybercriminals to run multiple levels of communication. The users can use the same account to access both individual private messages and group and channel communications. 46 4.2.2 Privacy and Protection Creating Telegram channels and groups saves threat actors from dealing with multiple issues related to maintenance and security. For instance, using domain services inflict additional risks such as being hacked by other threat actors or targeted by DDoS attacks. Telegram channels could be safer for cybercriminals to use, as they might be harder for authorities to track and correlate online personas with real identities. 45 https://intel471.com/blog/how-cybercriminals-are-using-messaging-apps-to-launch-malware-schemes 46 https://intel471.com/blog/why-cybercriminals-are-flocking-to-telegram