Click here to download all references as Bib-File.•
| 2026-05-20
⋅
Hackernoon
⋅
ZeffSec Resurfaces on Telegram, Claims Breach of Gozine2.ir ZeffSec |
| 2026-03-26
⋅
SOCRadar
⋅
Telegram Hacktivist Activity Timeline of Iran – Israel & US War 313 Team Conquerors Electronic Army Cyber Islamic Resistance Keymous+ Z-Pentest Alliance |
| 2026-03-20
⋅
FBI
⋅
Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets |
| 2025-11-20
⋅
ThreatFabric
⋅
Sturnus: Mobile Banking Malware bypassing WhatsApp, Telegram and Signal Encryption Sturnus |
| 2025-10-09
⋅
Github (cocomelonc)
⋅
Linux hacking part 7: Linux sysinfo stealer: Telegram Bot API. Simple C example |
| 2025-08-15
⋅
cocomelonc
⋅
Malware development trick 50: phishing attack using a fake login page with Telegram exfiltration. Simple Javascript example. |
| 2025-08-04
⋅
Beazley Security Labs
⋅
Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem PXA Stealer |
| 2025-08-04
⋅
Sentinel LABS
⋅
Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem PXA Stealer |
| 2025-07-30
⋅
cocomelonc
⋅
Mobile malware development trick 2. Abuse Telegram Bot API: Contacts. Simple Android (Java/Kotlin) stealer example. |
| 2025-07-13
⋅
cocomelonc
⋅
Mobile malware development trick 1. Abuse Telegram Bot API. Simple Android (Java/Kotlin) stealer example. |
| 2025-06-12
⋅
cocomelonc
⋅
MacOS hacking part 1: stealing data via legit Telegram API. Simple C example |
| 2025-05-06
⋅
Infoblox
⋅
Telegram Tango: Dancing with a Scammer |
| 2025-04-27
⋅
SentinelOne
⋅
Atomic Stealer | Threat Actor Spawns Second Variant of macOS Malware Sold on Telegram AMOS |
| 2025-04-01
⋅
Reversing Stories
⋅
Latrodectus Malware Delivered via Telegram Bot/Chat API Latrodectus |
| 2025-04-01
⋅
Hunt.io
⋅
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs Pyramid |
| 2025-01-30
⋅
⋅
Intrinsec
⋅
Telegram Stories: voice spoofers, tools and operating modes |
| 2024-12-18
⋅
KELA
⋅
Three Months After the Storm: Did Cybercriminals Move to Telegram Alternatives? |
| 2024-10-16
⋅
BitSight
⋅
Exfiltration over Telegram Bots: Skidding Infostealer Logs 404 Keylogger Agent Tesla |
| 2024-09-09
⋅
Github (itaymigdal)
⋅
Poshito - New Telegram C2 |
| 2024-09-04
⋅
Check Point
⋅
Hacktivists Call for Release of Telegram Founder with #FreeDurov DDoS Campaign EvilWeb RipperSec |