Russia Warns of Telegram Account Hijack Scam Using Fake Bots

Cybercriminals are using spoofed Telegram bots to hijack accounts and demand ransom, exploiting a flaw in user behavior and automated reporting systems.

Russian cybersecurity specialists have flagged a new scam targeting Telegram users through fraudulent bots. Attackers send links prompting users to click the 'Start' button, which activates a fake bot interface that appears to be a Telegram Wallet or Support Bot. The twist: control of the bot is transferred to the user, making them seem like the source of suspicious activity.

Soon after, a flood of mass complaints is directed at the compromised account, triggering Telegram’s automated security systems to block the user. Once the account is disabled, the attackers reach out to the victim and offer to restore access—for a price. Security experts note that in many of these cases, account recovery is technically impossible, making the ransom demand even more coercive.

Meanwhile, Russian developers are working on defenses. A student at the Moscow Aviation Institute recently introduced a cybersecurity system designed to protect web applications with multi-layered defense. The system, dubbed 'Digital Fortress,' uses tiered protection, with each layer targeting a specific class of threats.

Experts also remind users that many cyberattacks succeed because of user negligence—clicking unknown links, opening shady messages, or connecting to public Wi-Fi networks. Following basic digital hygiene remains one of the most effective safeguards against these schemes.