Telegram bots - Tool

Threat entity extracted from intelligence sources

Frequency
5
occurrences
First Seen
November 11, 2025
Last Seen
May 9, 2026

Telegram bots is a tool tracked across 6 threat clusters and 5 intelligence report mentions on ThreatCluster. First observed November 11, 2025; most recent activity May 9, 2026.

Overview

Telegram bots are being repurposed as phishing infrastructure, with attackers deploying automated Telegram bot accounts to collect credentials. The campaigns target European entities and corporate credentials, illustrating how threat actors weaponize legitimate bot ecosystems within messaging platforms to harvest sensitive data. This highlights an evolving risk where messaging services become vectors for credential theft and credential-serving infrastructure.

Related Threat Clusters

Recent Intelligence Reports

  • Cyber Cell busts AI-driven deepfake loan fraud racket, three more masterminds arrested — English.Gujaratsamachar · May 9, 2026
  • Telegram Mini Apps abused for crypto scams, Android malware delivery — Bleepingcomputer · May 3, 2026
  • NFC Relay Malware Surge Targets European Payment Cards — Technadu · December 2, 2025
  • Telegram bots exploited in European credential phishing campaign — Scworld · November 12, 2025
  • Cyble Detects Phishing Campaign Using Telegram Bots to Siphon Corporate Credentials — Thecyberexpress · November 11, 2025

CVSS v3.1 Breakdown