The Top 5 Dark Web Telegram Chat Groups and Channels
As experts in dark web data, the Webz.io cyber team has created an overview of the top five dark web Telegram chat groups and channels. We decided to make a list of chat groups and channels for categories like hacking, drugs, racism, financial fraud, and data breaches.
We selected the top five dark web groups and channels based on the size of the user-base, language, use case, number of daily messages, and the year it was founded.
The encryption and anonymity offered in chat applications like Telegram, IRC and Discord have encouraged a growing number of criminals to flock to them for a wide range of activities.
These activities include but are not limited to hacking, or trading malware and discussing security vulnerabilities; trade of illegal drugs or prescription drugs; and the trading or discussion of personally identifiable information (PII). In addition, many terrorist discussions and chats with extremist or racist content also take place using these chat applications.
Even though many of these chat groups, channels, and servers are technically open to the public, they are sometimes only shared in a specific forum or a closed community that is geared toward a specific type of audience. The anonymity of the users combined with the often exclusive sharing of information and the scale of the data makes it challenging for law enforcement and security agents to monitor.
A commercial dark web data crawling technology can monitor existing groups of chat applications at scale and also automatically discover new ones through specific identifiers. This includes groups and channels that can be difficult to discover since they are closed groups, forums, or communities. In addition, many marketplaces and forums on the dark web have a dedicated Telegram group.
But before we continue, let’s give you some background about the chat application itself.
A Brief History of Telegram
Founded in 2013, after Edward Snowden’s whistleblowing on the United States’ government’s mass surveillance system, Telegram was created with the mission of protecting private conversations and data from third parties (including governments).
As a result, unlike other chat applications, Telegram has promoted itself as offering full anonymity. This includes the ability to forward messages anonymously and to set up a username while keeping users’ phone numbers private. Unsurprisingly, these features make it one of the top chat applications of choice for many criminals.
Now let’s cover the top five Telegram chat groups and channels:
Group: Carders [Getbette.biz] – [Dumps][Cc][Cvv][Dumps+Pin][Track2 / Track1+Track2]
- Created: 2017
- Main Language: English
- Statistics: 5,812 members
- Topics of interest: Financial fraud and carding
Users post daily messages on the Carders group offering to sell or purchase personally identifiable information (PII) that have been acquired through carding, leaked credit cards, bank account information, and money transfers that enable money laundering. Carding is financial fraud that involves stealing credit card numbers, bank accounts, and other personal information online and using them for money laundering and other illegal purposes.
Another interesting fact is that the chat group is also related to a credit card shop called http://getbette.biz. The shop is currently down.
Here is an example of a post from this chat group related to a full package of individual’s identifying information (including but not limited to credit card information). A credit card dump refers to an unauthorized digital copy of the data on an active credit card, such as the card number and expiration date. Once this data is available to hackers, it can be used by them to make purchases. We have covered more about this criminal lingo in our post Telegram Fresh Fullz and dumps.
Here are a few examples of posts from the Carders group:
In the post above, we can see that the threat actor left his phone number, which can be useful for threat actor profiling. Actor profiling is a research methodology that helps organizations to analyze and reveal the identity of anonymous threat actors on the dark web through various identifiers such as wallet ID, phone numbers, or an email address connected to the actor.
2. Narcotic Express DE ❄️🚖
- Group: Narcotic Express DE ❄️🚖
- Created: July 8, 2020
- Main Language: German
- Statistics: 589 members
- Topics of interest: Drugs
Narcotic Express DE is the only closed Telegram group on this list. This small but focused Telegram group is used for the trade of illicit drugs and hosts discussions related to narcotics. Closed Telegram groups, as opposed to open ones, cannot be found in a search within the app or the Telegram dedicated search engine. In addition, closed groups only enable users to see messages in the group if they join them. The link to join private groups is only available when shared by another user in the group.
Shortly after the group was opened, Webz.io added it to the many chat groups, sites, marketplaces, and discussions we cover in the dark web.
Below is an example of a post published by a user looking to sell cocaine in Narcotic Express DE:
3. Whatsapp Hacking Telegram
- Group: Whatsapp Hacking Telegram
- Created: February 10, 2020
- Main Language: English
- Statistics: 5,825 members
- Topics of interest: Hacking
The Whatsapp Hacking Telegram group distinguishes itself from other Telegram groups because it only allows the group admins to send messages to the group. Most of these messages are related to hacking and cyber attack offers for sale, in addition to screenshots of deals made via chats.
Another interesting fact is that the WhatsApp Hacking Telegram group is related to dsmhackers.net, a shop for cyber attack services.
Below is an example of a message posted by the group admin related to different hacking services:
4. NSDAP France
- Channel: NSDAP France
- Created: August 25, 2018
- Main Language: English, Russian and French
- Statistics: 253 members
- Topics of interest: White supremacy and racism
The NSDAP France Telegram channel stands for the Nazi Party (or the Nationalsozialistische Deutsche Arbeiterpartei). Posts on this channel contain messages, pictures, and videos related to racism, white supremacy, anti-zionism, anti-feminism, and against assisted reproductive technology (ART) through surrogacy and LGBT adoptions.
Telegram channels, unlike groups, only enable admins to post and allow an unlimited number of subscribers to join the channel.
The NSDAP France channel is related to pages in VK, a Russian online social media platform similar to Facebook and this Gab page.
Here is an example of the type of image posted in the NSDAP France channel, with the words “kill n*ggers” at the bottom of the image:
5. Free Premium Accounts
Channel: Free Premium Accounts – Netflix•accounts•free•premium•hotstar•disney•plus•amazon•prime•hulu•voot•pornhub•spotify•altbalaji•hack.
- Created: May 22, 2019
- Main Language: English
- Statistics: 1,732 members
- Topics of interest: Database sharing
This channel is another Telegram channel that shares personally identifiable information (PII) in addition to information about hacking and cracking tools. Cracking tools are used to discover passwords found in data stored or transmitted by a computer system. Similar to the channels mentioned before, it only allows channel managers to send messages in the channel.
Similar to the NSDAP France channel, this channel was related to pages in VK and Gab. The page was recently blocked in VK.
Stay on Top of the Latest Dark Web Chat Groups and Channels
Since criminals often migrate between the different chat applications, it is crucial for law enforcement and security agencies to rely on wide dark web coverage to stay on top of the latest and most relevant chat messaging applications cybercriminals are using.
Here at Webz.io, we deliver the most relevant, up-to-the-minute data from the deep, dark, and open web to our customers. Armed with data from our Cyber API, cybersecurity organizations, law enforcement officials and security agents can continually discover dozens of new Telegram groups and channels and other relevant sources with our AI-based automatic discovery tools