
Earlier this week, Pavel Durov announced on his Telegram channel that scammers are extorting messenger users by demanding rare gifts, virtual numbers, and usernames.
According to Durov, some gifts, numbers, and usernames were once purchased for just a few dollars, but can now be sold for over $100,000, which has attracted the attention of scammers.
“We are encountering situations where scammers are extorting users, forcing them to hand over these valuable collectible items. There are also reports of channels demanding money under the threat of leaking personal or confidential data. Some have even turned this into a business model—posting dangerous content and then charging for its removal,” said the founder of Telegram, calling these activities “illegal and immoral.”
In his message, Durov asks all users who have faced threats and extortion to send him personal messages “with the maximum possible amount of evidence.”
“We will remove these malicious actors from our platform and make Telegram a safe place for everyone,” assures Durov.
However, shortly after the first message, the founder of the messenger posted a second one with a small clarification. The fact is that sending a message to Durov is only possible for a fee, costing 5000 stars (Telegram’s internal currency), which is approximately 100 dollars.
Therefore, the second message clarified that attempts at blackmail and threats can also be reported free of charge—through Telegram’s support service (@notoscam) by using the hashtag #blackmail.

2025.04.12 — Hackers compromised a bureau within the U.S. Department of the Treasury and spent months in hacked systems
The Office of the Comptroller of the Currency (OCC), an independent bureau within the United States Department of the Treasury, reported a major cybersecurity incident. Unknown attackers had…
Full article →
2025.03.26 — Cloudflare to block all unencrypted traffic to its APIs
According to Cloudflare, effective immediately, only secure HTTPS connections to api.cloudflare.com will be accepted; while all HTTP ports are to be closed. The purpose of this decision…
Full article →
2025.03.07 — YouTube warns of scam video featuring its CEO
According to YouTube, scammers use an AI-generated video of the company's CEO in phishing attacks to steal user credentials. The scammers attack content creators by sending them…
Full article →
2025.02.05 — Google patches Android zero-day vulnerability exploited by hackers
Google released the February set of patches for Android. In total, they fix 48 bugs, including a kernel zero-day vulnerability actively exploited by hackers. The zero-day's…
Full article →
2025.04.10 — April updates released by Microsoft cause issues with Windows Hello
Microsoft warns that some Windows users who have installed the April updates might be unable to login to their Windows services using Windows Hello facial recognition…
Full article →
2025.02.17 — Dutch police seize 127 servers belonging to Zservers hosting provider
Following the introduction of international sanctions against Zservers, Russian 'bulletproof' hosting services provider, the Dutch National Police (Politie) shut down and seized 127 servers belonging to Zservers/XHost.…
Full article →
2025.01.28 — J-magic backdoor attacked Juniper Networks devices using 'magic packets'
A massive backdoor attack targeting Juniper routers often used as VPN gateways has been uncovered. The devices were attacked by the J-magic malware that…
Full article →
2025.02.07 — 768 vulnerabilities were exploited by hackers in 2024
According to VulnCheck, 768 CVEs were registered as exploited in real-life attacks in 2024. This is 20% greater compared to 2023 when hackers exploited 639 vulnerabilities. Interestingly,…
Full article →
2025.04.01 — Hackers abuse MU plugins to inject malicious payloads to WordPress
According to Sucuri, hackers store malicious code in the MU-plugins (Must-Use Plugins) directory in WordPress and execute it while remaining undetected. The technique was first discovered…
Full article →
2025.03.05 — Polish Space Agency disconnects its network due to hacker attack
Last weekend, the Polish Space Agency (POLSA) had to disconnect all of its systems from the Internet to localize an attack targeting its IT infrastructure. After discovering the intrusion,…
Full article →