An unknown attacker hacked the Telegram account of Australian Finance Minister Simon Birmingham and began sending messages on his behalf to the politician's contacts.
The Australian federal police have confirmed unauthorized activity on the politician's account and have already started a phishing scam investigation. The Australian Communications and Media Authority (ACMA) also involved the country's cyber intelligence agency in this case.
According to the investigation, the hacker sends messages to Birmingham's colleagues on behalf of the government with a proposal to install Telegram for further communication. However, the police do not specify any names or the purpose and consequences of the attacker's deception.
In early March, fraudsters who used Telegram bots to blackmail users appeared in Russia. Internet scammers actively used Telegram bots that collect personal data to blackmail Russians.
An example was LeakCheck's MailSearchBot, which was initially created to check leaked passwords. It's is a paid service that invites users to find out whether their data was in the public domain by checking through their phone number. In the free version of the bot, part of the password is hidden, and it was these data that scammers used to blackmail users via email.
Money was extorted from the victims so that their data would not be revealed to friends, relatives, or colleagues. The hackers also presented themselves as the members of the support team and offered to change the compromised password, thereby gaining full access to the account.
LeakCheck claims that MailSearchBot does not keep a history of requests, so it is impossible to contact scammers. At the same time, limiting the number of requests to the bot will not help in the fight against hackers since it can be easily bypassed by simply changing the account.