Telegram (1cb01fde-0d01-426a-a3c6-b5591d2e17c7)
Telegram is a global instant messaging service that is utilized by threat actors and other users for various malicious and benign purposes. Among the many features telegram provides to its no malicious clients, the API and BOT functionalities can and is abused by threat actors as means to deploy malware and/or exfiltrate data. Due to the service's high usage it is often unblocked and not monitored, providing to an attacker an easy way to bypass network restrictions.[Telegram December 4 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| GhostSec (9d1a4d48-33b8-4f14-bec7-ef105c094297) | Tidal Groups | Telegram (1cb01fde-0d01-426a-a3c6-b5591d2e17c7) | Tidal Software | 1 |