Telegram bots is a tool tracked across 6 threat clusters and 5 intelligence report mentions on ThreatCluster. First observed November 11, 2025; most recent activity May 9, 2026.
Telegram bots are being repurposed as phishing infrastructure, with attackers deploying automated Telegram bot accounts to collect credentials. The campaigns target European entities and corporate credentials, illustrating how threat actors weaponize legitimate bot ecosystems within messaging platforms to harvest sensitive data. This highlights an evolving risk where messaging services become vectors for credential theft and credential-serving infrastructure.
Cybersecurity researchers have identified a large-scale fraud operation utilizing Telegram's Mini App feature, named FEMITBOT. This platform enables threat actors to run various scams, including fake cryptocurrency…
Delhi Police have arrested multiple individuals involved in cyber fraud schemes, including a stock market scam that defrauded victims of Rs 14 lakh and APK-based frauds totaling Rs 80,825. The stock market scam involved…
Cybersecurity researchers have identified a new Android banking trojan named Sturnus, capable of stealing banking credentials and accessing encrypted messages from apps like WhatsApp, Telegram, and Signal. The malware…
Cybersecurity researchers have identified a new Android banking trojan named Sturnus, which can steal banking credentials and access encrypted messages from apps like WhatsApp, Telegram, and Signal. This malware…
A sophisticated phishing campaign has been identified in Central and Eastern Europe, targeting various sectors including manufacturing and government. Cybercriminals are using HTML attachments with embedded JavaScript…
A sophisticated phishing campaign has been identified in Central and Eastern Europe, targeting various sectors including manufacturing, government, and telecommunications. The campaign utilizes HTML attachments…