Security News > 2022 > July > Messaging Apps Tapped as Platform for Cybercriminal Activity

Cybercriminals are tapping the built-in services of popular messaging apps like Telegram and Discord as ready-made platforms to help them perform their nefarious activity in persistent campaigns that threaten users, researchers have found.

Threat actors are tapping the multi-feature nature of messaging apps-in particularly their content-creation and program-sharing components-as a foundation for info-stealing, according to new research from Intel 471.

Specifically, they use the apps "To host, distribute, and execute various functions that ultimately allow them to steal credentials or other information from unsuspecting users," researchers wrote in a blog post published Tuesday.

"While messaging apps like Discord and Telegram are not primarily used for business operations, their popularity coupled with the rise in remote work means a cybercriminal has a bigger attack surface at their disposal than in past years," researchers wrote.

Intel 471 identified three key ways in which threat actors are leveraging built-in features of popular messaging apps for their own gain: storing stolen data, hosting malware payloads, and using bots that perform their dirty work, they said.

Blitzed Grabber and two other stealers observed using messaging apps for data storage-Mercurial Grabber and 44Caliber-also target credentials for the Minecraft and Roblox gaming platforms, researchers added.

News URL

https://threatpost.com/messaging-apps-cybercriminals/180303/