Click here to read our latest report: Going Dark: The Inverse Relationship between Online and On-the-Ground Pre-offence Behaviours in Targeted Attackers

The Risks of a Telegram Crypto-Wallet

The Risks of a Telegram Crypto-Wallet
4th May 2020 Andrew Mines
In Insights

Last month, a federal judge in the U.S. District Court for the Southern District of New York ruled in favour of the U.S. Securities and Exchange Commission (SEC) in its lawsuit against Telegram for failing to register its digital asset, Grams, with the SEC. This was a major blow to Telegram, which had hoped to create a new, preeminent crypto-wallet seamlessly integrated into its well-known and widely-used encrypted messaging application.

While proponents of cryptocurrencies rallied behind Telegram in the wake of the ruling, it is important not to overlook the potential risk posed by terrorists, extremists, and other criminal actors who already exploit Telegram’s messaging service in furtherance of their goals. Telegram’s encrypted messaging application provides these actors a secure way to communicate, disseminate propaganda, and share illegal content, among other services. Providing them a means to transfer and store money anonymously could prove a highly risky venture.

How did we get here?

In early 2018, Telegram’s owners raised $1.7 billion from 175 entities and investors through initial token sales for its then soon-to-be-released cryptocurrency, Grams. Grams would be supported by Telegram’s blockchain—the Telegram Open Network (TON)—a decentralised, distributed ledger that records digital transactions between anonymous users. The plan was for initial investors to resell their tokens to the public with the launch of Grams on the TON blockchain, with profits expected to range from 172% to 852% of their initial purchase from Telegram in the resale. Grams would then be integrated into Telegram’s messaging service soon after launch.

Before Grams could go public, however, the SEC filed against Telegram in October 2019 for failing to register Grams as a security. Registration would have subjected Grams to a host of SEC regulations, including critical anti-money laundering and counter terrorism financing responsibilities. Some of those responsibilities include establishing and implementing an effective anti-money laundering program, and transparent suspicious activity reports (SAR). After months of legal proceedings, the court ruled that Grams was an unregistered securities offering and granted the SEC’s motion for an injunction. This injunction prohibited Telegram from delivering Grams to its initial investors. After the ruling came in late March, Telegram appealed the injunction up the chain to the U.S. Court of Appeals for the Second Circuit. The case is currently pending.

Terrorists, extremists, and other criminal actors on Telegram

Since its release in 2013, Telegram Messenger has exploded as one of the world’s most popular messaging applications, surpassing 200 million monthly users in 2018. Research on Telegram as a digital communications technology has also expanded substantially during the past few years to cover a number of communities, from jihadists to right wing extremists to other criminal actors. These studies explore different ways that malignant actors exploit Telegram for their gain.

Islamic State’s English-language supporters, for example, use Telegram’s internal file-sharing capabilities predominantly to share and distribute Islamic State-related material. More recently, Telegram has become a haven for white supremacists, with a notable surge in the number of channels reportedly created in 2019. In Syria, rebel fighters in the country’s northwest advertise weapons on the platform, from explosives to suicide belts to advanced firing systems, creating virtual weapons marketplaces. Beyond terrorists and armed non-state actors, Telegram also offers child sex offenders access to images of child sexual abuse, as well as a gateway to broader sexual exploitation and human trafficking markets. Criminal actors use Telegram to their advantage despite widespread takedown efforts in partnership with law enforcement that struggle to keep groups like Islamic State off the platform.

How do terrorists and extremists use cryptocurrencies?

Terrorists and extremists are, by necessity, innovative, and observers are starting to see these actors enter the crypto market. In the U.S., one Islamic State supporter was able to defraud numerous financial institutions of over $60,000 by laundering funds through cryptocurrencies like Bitcoin into fiat currency, depositing them into her bank account, and transferring them alongside another $90,000 in bank loans and personal savings to various Islamic State-linked individuals and entities overseas. Another American Islamic State supporter used his Twitter account as a platform to instruct the group’s supporters on how to use Bitcoin and the crypto-wallet application Dark Wallet to send anonymous donations to the Islamic State. Elsewhere in the U.S., right wing extremists are also starting to make use of cryptocurrencies. Sites like Stormfront and the Daily Stormer maintained crypto-wallets worth more than $30,000 and $300,000, respectively.

These cases are minuscule compared to larger ones involving cyber theft and narcotrafficking through cryptocurrencies by more sophisticated actors. Just last month, the U.S. Department of Justice released a statement detailing how North Korean nationals hacked into a virtual currency exchange and stole nearly $250 million, which they then laundered through hundreds of automated cryptocurrency transactions. In 2016, the DEA busted a China-sourced fentanyl distribution operation in Salt Lake City and seized $1.2 million in US flat currency and $2 million in virtual currencies like Bitcoin, which customers were using to purchase fentanyl and other counterfeit pills. In fact, the DEA’s 2018 National Drug Threat Assessment highlighted that bust as part of a larger trend in which transnational criminal organisations increasingly relied on cryptocurrencies to launder money.

What happens from here?

In many respects, Telegram is unique. This is the first time a globally renowned and widely-used encrypted messaging application has attempted to develop and integrate a sophisticated crypto-wallet into its messaging application. If Telegram were to seamlessly integrate the two, it is likely that terrorists, extremists, and other criminal actors will use the encryption and anonymity provided by both services to circumvent financial regulators and exchange and store funds online with relative impunity.

Although the above examples show that terrorists and extremists do not currently exploit cryptocurrencies on the same scale as narcotraffickers and sophisticated cyber thieves, this does not minimize their risk. Stopping any or all of those actors, however, raises a larger question about regulation of cryptocurrencies in the United States. Some states like New York have developed preliminary cryptocurrency regulations, but they vary dramatically from state to state and even more so on a global level.

Quite simply, there is an absence of a comprehensive legal framework in the U.S. to address and regulate cryptocurrencies. Such a framework has the potential to lead the world with the weight of the U.S. financial sector, which led the charge in building a successful counter terrorism financing regime following 9/11. The ongoing legal battle between Telegram and the SEC presents a unique opportunity for policymakers to develop that framework. In fact, the SEC already possesses a number of anti-money laundering and counter-terrorism financing programs that address risk management, transparency, and illicit activity reporting. The same principles that are applied to traditional financial institutions should be applied to the cryptocurrency market.

For now, terrorists will likely struggle to adopt widespread use of cryptocurrencies from the organisational to the individual level on the same scale as sophisticated cyber hackers and narcotraffickers. If this space is left unchecked for too long, however, terrorists and other extremist actors will likely adhere to their innovative nature and continue to adopt and exploit  new technologies as they confront new challenges to their organisations.