Criminal networks from Southeast Asia are extensively utilizing the messaging app Telegram, fundamentally changing the landscape of organized crime, according to a report released by the United Nations on Monday.
The report follows recent allegations against Telegram’s CEO, Pavel Durov, who was charged in France for enabling criminal activity on the platform, under a new law without an international counterpart.
According to the United Nations Office for Drugs and Crime (UNODC), hacked data—ranging from credit card details to passwords—is openly traded on Telegram, which features sprawling channels with minimal moderation. The report highlights that tools for cybercrime, including deepfake software and data-stealing malware, are widely available, while unlicensed cryptocurrency exchanges provide money laundering services.
One advertisement reportedly claimed, “We move 3 million USDT stolen from overseas per day,” illustrating the scale of illicit transactions taking place. The UNODC stated there is “strong evidence of underground data markets moving to Telegram” as vendors seek to target transnational organized crime groups in the region.
Southeast Asia has emerged as a major hub for a multibillion-dollar industry focused on fraudulent schemes, with many operations linked to Chinese syndicates. This industry reportedly generates between $27.4 billion and $36.5 billion annually.
Durov, who was arrested in Paris in August for facilitating criminal activity on the platform, has sparked discussions about the criminal liability of app providers. Following his arrest, he stated that Telegram would cooperate with legal authorities by providing user IP addresses and phone numbers while also pledging to remove features exploited for illegal activities.
Benedikt Hofmann, UNODC’s deputy representative for Southeast Asia and the Pacific, emphasized the platform’s accessibility for criminals, warning that consumers’ data is now more vulnerable to scams and other illicit uses than ever before. The report indicates that criminal groups in the region are innovating their operations, integrating new technologies such as malware and generative artificial intelligence into their schemes.
UNODC identified over 10 deepfake software providers targeting criminal groups engaged in cyber-enabled fraud in Southeast Asia. In South Korea, authorities are investigating Telegram for its potential role in facilitating online sex crimes, particularly deepfake pornography.
In another incident, a hacker used Telegram chatbots to leak sensitive data from top Indian insurer Star Health, leading the company to take legal action against the platform. The leaked information included names, phone numbers, addresses, and medical diagnoses, highlighting the serious implications of data vulnerabilities on Telegram.
