RANSOMWARE OPERATION💰 FINANCIAL
telegram
1
aliases
Intelligence Profile
telegram — tracked by MISP Galaxy (ransomware).
Threat Analysis
telegram is a ransomware operation that deploys encryption-based extortion against organizations globally. This group maintains a data leak site (DLS) to pressure victims into paying ransom demands.
Financially motivated threat actors like telegram prioritize monetary gain through methods such as ransomware deployment, banking trojans, cryptocurrency theft, BEC scams, or credential harvesting for resale on underground markets.
Intelligence Reports Mentioning telegram
Malicious PyPI packages give hackers control of Telegram bot servers
BleepingComputer· Jun 30, 2026
Telegram-Based Millenium RAT Campaign Infects 60,000 Devices
Infosecurity Magazine· Jun 29, 2026
Telegram admits it couldn't police exam-leak channels, India tells court
BleepingComputer· Jun 18, 2026
India's Telegram ban hit the UAE too. Here's how to get around it
BleepingComputer· Jun 17, 2026
India's Telegram ban draws criticism from Durov as company challenges order in court
The Record· Jun 16, 2026
India temporarily blocks Telegram over medical exam cheating fears
The Record· Jun 16, 2026
Apple removes Russia’s state-backed messaging app Max from its store
The Record· Jun 4, 2026
UN food agency investigates breach exposing data of Gaza aid recipients
The Record· Jun 4, 2026
External References
Quick Facts
TypeRansomware Operation
Motivation💰 financial
Aliases1
Also Known As
telegram
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.