Telegram: From Growth to Controversy

In an era where digital privacy is constantly under scrutiny, Telegram has risen as a dominant messaging platform, praised for its speed, large-scale group capabilities, and resistance to censorship.  

Founded in 2013 by Pavel Durov and headquartered in Dubai, Telegram is a cloud-based messaging app known for its seamless cross-device functionality. The platform allows users to send text messages, make voice and video calls, and share multimedia files and documents with ease. Its popularity has surged, particularly in countries with stringent censorship laws, due to its minimal content moderation and resistance to governmental restrictions make it a preferred choice for unrestricted communication.   While the platform has skyrocketed past one billion monthly active users, its rapid growth has come with a dark side, ranging from security flaws and cybercriminal exploitation to legal crackdowns. A recent zero-day vulnerability in its Android app sent shockwaves through the cybersecurity world, while reports surfaced of illicit cryptocurrency transactions and underground marketplaces thriving on the platform.  

Adding fuel to the fire, Telegram’s founder, Pavel Durov, was arrested in France over allegations of enabling criminal activity, forcing the company to rethink its stance on law enforcement cooperation. In response to mounting pressure, Telegram has taken aggressive action, removed millions of illicit groups and deployed AI-powered moderation tools to curb abuse. But with these developments unfolding, the question remains: can Telegram maintain its reputation as a secure and private messaging app, or is it at risk of losing its edge? This report takes a deep dive into the platform’s latest controversies, its efforts to combat misuse, and what the future holds for its users.

‍Privacy Features offered by Telegram

• End-to-End Encryption for Secret chats: Private conversations in Secret Chats are secured with end-to-end encryption, ensuring that only the sender and recipient can access the messages.  
• Self-destructing messages: Enhance privacy by setting messages to automatically self-destruct after a chosen time in Secret chats.
• Two-Step Verification: Strengthen account security by enabling two-step verification, adding an extra authentication layer beyond just your password.
• Passcode and Biometric Lock: Secure your Telegram app with a passcode, fingerprint, or face recognition, preventing unauthorized access.  
• Anonymous Message Forwarding: Prevent forwarded messages from revealing your identity by enabling anonymous forwarding, keeping your profile information private.  
• Advanced Data Privacy controls: Manage who can view your phone number, last seen status, and profile picture, with customizable settings to restrict visibility to everyone, only contacts, or nobody.
• Auto-Destructing Account: Protect your digital footprint by setting your account to automatically delete itself after a defined period of inactivity.  
• Minimal Data Collection policy: Telegram adhers to a strict privacy policy, collecting minimal user data while prioritizing anonymity.  
• Encrypted Data Storage: All data transmitted through Telegram is encrypted in transit and securely stored on its servers, adding an additional layer of protection.  
• Open-Source API and Security transparency: With an open API and protocol, Telegram allows independent audits, ensuring transparency and continuous security improvements.

Limitations to Consider Before Choosing Telegram

• Lack of default End-to-End Encryption: Unlike other messaging apps like WhatsApp and Signal, Telegram does not offer end-to-end encryption by default for all chats. Instead, messages are encrypted only during transmission and stored on Telegram's servers for multi-device access. A server breach could potentially expose stored messages, Although Secret Chats provide end-to-end encryption, they require manual activation, leaving standard conversations less secure.  
• Collection of Contact Data: By default, Telegram collects contact information, from user devices, including names and phone numbers. This data is used to notify when a contact joins the platform and to display their saved names. Additionally, Telegram's privacy policy states that anonymized phone number data is used to estimate the number of potential contacts an unregistered user may have, which is displayed in the "Invite Friends" section. While this practice enhances security, it raises concerns regarding data privacy in an app marketed for its security focus.
• Limited customer support: Telegram offers minimal support options, making issue resolution challenging. Assistance is available through social media (formerly Twitter), a support form, or the "Ask a Question" feature in settings, which is managed by volunteers. Official company support is difficult to access, making it hard to resolve technical issues beyond the frequently asked questions (FAQ) section.
• Low Adoption among friends and contacts: A messaging app is only useful as the number of people actively using it. While Telegram offers a range of features, adoption remains a challenge. If a contact list primarily uses WhatsApp, iMessage, or SMS, convincing them to switch can be difficult. While Telegram provides value through public channels and groups, the absence of key contacts limits its usability.  
• Introduction of Ads and Paid subscription: To sustain operations, Telegram introduced advertisements in late 2021, appearing in public channels with over 1,000 followers in select regions. While these ads are designed to be privacy conscious and non-intrusive, they still impact the user experience. Additionally, Telegram Premium, launched in June 2022, offers benefits like increased file upload limits, exclusive stickers, additional chat folders, and ad removal for a monthly fee. This monetization strategy has made some features inaccessible to free users, unlike competing apps that offer similar functionalities without subscriptions.  

‍Cybercrime on Telegram: A Growing Concern

While Telegram is widely recognized for its secure messaging and privacy features, these very attributes have also made it a preferred platform for illicit activities. Criminal networks, scammers, and cybercriminals exploit its encryption, anonymity, and expansive reach to engage in illegal operations with minimal risk of detection. From drug trafficking to financial fraud, Telegram has become a digital underworld where unlawful transactions take place beyond the watchful eyes of authorities.  

Notable criminal activities taking place on Telegram:

• Drug Trafficking: In Singapore, the Central Narcotics Bureau arrested over 500 individuals involved in drug-related offenses facilitated through Telegram.  
• Distribution of Illegal Goods: The platform has been utilized to sell counterfeit items, firearms, and fraudulent COVID-19 documents.  
• Cybercrime and Hacking: Cybercriminals exploit Telegram to exchange information, share hacking tools and coordinate activities.  
• Piracy: Telegram's features have been misused to distribute pirated content, raising concerns among content creators and legal platforms.  
• Scams and Fraud: The platform is also a medium for various scams, including fake investment schemes and fraudulent services.  
• Child Exploitation material: There have been instances of Telegram being used to share child sexual abuse material, leading to legal actions against its CEO, Pavel Durov.  
• Money Laundering and Illegal Gambling: Organized crime groups have leveraged Telegram for money laundering activities and to facilitate illegal gambling operations.  

Known Exploited Vulnerabilities in Telegram

How Telegram Fights Back Against Cybercrime

• AI-Powered Content Moderation: Uses artificial intelligence to detect and remove illegal content, such as child exploitation material, piracy and extremist propaganda in public groups and channels.  
• User Reporting System: Allows users to flag suspicious accounts, groups, and channels for review, leading to swift action against illicit activities.  
• Collaboration with Law Enforcement: Cooperates with authorities in various countries by providing metadata and taking down illegal content when legally required.  
• Banning of Illegal Groups and Users: Actively removes users, groups, and channels involved in cybercrime, scams and illicit trade though bad actors often create new accounts.  
• Stricter Moderation for Large Channels: Public channels with over 1,000 members face enhanced moderation and restrictions on advertisements to prevent misuse.  
• Restrictions on Forwarding and Link Sharing: Limits mass distribution of illegal content in large groups to slow down the spread of harmful material.  
• Account Auto-Self-Destruction: Inactive accounts automatically delete after a set period, reducing the risk of hijacked accounts being used for illegal activities.  
• Collaboration with Europol and Other Agencies: Works with international organizations to identify and remove terrorist propaganda additional security features.  
• Policy Updates and User Warnings: Regularly updates policies and issues educational warnings to inform users about safe practices and consequences of illegal activities.  

Tips to enhance your safety on Telegram

• Utilize Secret Chats: For one-on-one conversations, opt for Telegram's Secret Chat feature, which ensures end-to-end encryption. This guarantees that messages remain private and inaccessible even to Telegram.  
• Activate Self-Destruct Timers: Enable the self-destruct option for messages and shared files to ensure automatic deletion after a set period, reducing the risk of unauthorized access.  
• Enable Two-Factor Authentication (2FA): Strengthen account security by activating 2FA in the Privacy and Security Settings. This requires an additional verification step when logging in on a new device, making unauthorized access significantly more difficult.  
• Customize Privacy Settings: Review and adjust your privacy settings to control who can view personal details like your phone number and profile picture.
• Exercise Caution with Telegram Bots: Telegram allows third-party developers to create bots using its API, but these are not officially verified and may pose security risks. Avoid interacting with unknown bots and refrain from granting them access to sensitive data.  
• Be selective abouts contacts: Avoid adding unfamiliar users to your contacts, and do not accept calls or chat requests from unknown individuals. This precaution helps mitigate the risk of malware infections and social engineering attacks.  
• Block Unwanted messages: Block and report suspicious contacts to reduce exposure to phishing attempts or malware.
• Use a VPN for Extra Security: A Virtual Private Network (VPN) helps protect online privacy by encrypting internet traffic and masking the user’s IP address.  

Closing Thoughts: Can Telegram Evolve for the Better?

Telegram stands as a double-edged sword in the digital communication landscape, praised for its speed, massive group support, and resistance to censorship, yet frequently for its security loopholes and misuse by bad actors. While the platform continues to take measures to curb illicit activities and enhance security, users must remain cautious and proactive in protecting their data. Understanding these limitations allows individuals to make informed decisions about using Telegram while urging the platform to strengthen its security and privacy measures. By addressing these shortcomings, Telegram can refine its user experience, build greater trust, and maintain its competitive edge in the ever-evolving digital communication space.

Sources Cited:

1. ‍https://vpnoverview.com/privacy/apps/telegram-vs-whatsapp/
2. ‍https://www.larksuite.com/en_us/blog/telegram-vs-whatsapp
3. ‍https://www.geeksforgeeks.org/telegram-vs-whatsapp/
4. ‍https://www.makeuseof.com/reasons-stop-using-telegram/
5. ‍https://protonvpn.com/blog/is-telegram-safe
6. ‍https://www.avast.com/c-is-telegram-safe
7. ‍https://thehackernews.com/2024/08/telegram-founder-pavel-durov-arrested.html  
8. ‍https://thehackernews.com/2024/09/telegram-agrees-to-share-user-data-with.html  
9. ‍https://quickblox.com/blog/is-telegram-secure-what-it-takes-to-build-a-secure-messaging-app/  
10. ‍https://www.nytimes.com/2024/09/07/technology/telegram-crime-terrorism.html