UN released a report on Monday detailing how powerful criminal networks in Southeast Asia extensively utilize the messaging app Telegram, fundamentally transforming organized crime’s ability to conduct large-scale illicit activities. This report follows recent charges against Telegram’s founder, Pavel Durov, by French authorities for allowing criminal conduct on the platform.
According to the United Nations Office for Drugs and Crime (UNODC), hacked data—including credit card details, passwords, and browsing histories—are openly traded on Telegram, which hosts vast channels with minimal moderation. The report also revealed that tools for cybercrime, such as deepfake software and data-stealing malware, are readily available for purchase, alongside unlicensed cryptocurrency exchanges offering money laundering services. One advertisement quoted in the report claimed, “We move 3 million USDT stolen from overseas per day.”
The UNODC report provides “strong evidence” that underground data markets are migrating to Telegram, with vendors actively targeting transnational organized crime groups operating in Southeast Asia. The region has developed into a major hub for a multibillion-dollar industry that employs fraudulent schemes against victims worldwide. Many of these operations are run by Chinese syndicates from fortified compounds with trafficked workers. The industry reportedly generates between $27.4 billion and $36.5 billion annually.
Durov, a Russian-born entrepreneur, was arrested in Paris in August on charges related to facilitating criminal activity on Telegram, including the dissemination of child sexual abuse images. His arrest has sparked discussions about the criminal liability of app providers and raised questions about the balance between freedom of speech and law enforcement.
With nearly 1 billion users, Telegram did not respond immediately to requests for comment. After his arrest, Durov stated that the app would comply with legal requests by providing user IP addresses and phone numbers and would remove features that have been misused for illegal activities.
Benedikt Hofmann, UNODC’s deputy representative for Southeast Asia and the Pacific, emphasized that Telegram creates an accessible environment for criminals, putting consumers’ data at heightened risk of exploitation in scams and other criminal activities.
The report noted that the substantial profits earned by criminal groups have led them to innovate, integrating new business models and technologies, including malware, generative artificial intelligence, and deepfakes into their operations. UNODC identified over 10 deepfake software service providers specifically targeting criminal groups involved in cyber-enabled fraud in the region.
In South Korea, authorities have launched an investigation into Telegram regarding its potential facilitation of online sex crimes, particularly concerning deepfake pornography. Additionally, a hacker reportedly used Telegram chatbots to leak data from Star Health, a major Indian insurer, prompting the company to file a lawsuit against the platform. This breach allowed the hacker to download sensitive policy and claims documents, revealing personal information such as names, addresses, and medical details.