Telegram founder wants to explore web3-based auctions for custom usernames

Telegram founder Pavel Durov said Monday that he wants to integrate web3 into the messaging app.

Durov said on his Telegram channel that he was impressed by the TON project — an independent project not affiliated with Telegram — and how it is used for domain name/wallet auctions. He noted that Telegram can replicate TON’s auction on the app by putting custom usernames, group, and channel links on the auction on blockchain — just like NFTs.

Blockchain-based domain naming systems like the Ethereum Name Service (ENS) and Solana Bonafida naming service have found popularity with Unstoppable Domain recently reaching unicorn status. If Telegram goes ahead with it, the custom link NFTs could be another way to earn revenue apart from ads and subscription services.

The Telegram founder also mentioned that the company is “inclined to try out TON” as a blockchain of choice for Telegram given its familiarity with the technology. The chat app already allows users to send toncoin to each other directly within the app. So an NFT marketplace based on that seems like a probable next step for web3 integration.

But it also comes with notable blockchain stumbles, too. A few years ago, the chat app also abandoned a TON blockchain project. In 2018, the company explored plans for Telegram Open Network (TON) blockchain project and a mega initial coin offering (ICO). The project gathered a lot of interest from various investors including Benchmark and Lightspeed Capital who put up $1.7 billion. However, after a legal fight with the U.S. Securities and Exchange Commission (SEC), Telegram was forced to abandon the project.

After Telegram stopped working on TON, various independent groups continued the development with Toncoin getting backing from Durov and winning the rights to website in 2021.

Here is Durov’s full message:

I’m really impressed by the success of the auction TON recently conducted for their domain/wallet names. Wallet.ton was sold for 215,250 Toncoin (~$260000) while casino.ton was sold for ~$244000.

If TON has been able to achieve these results, imagine how successful Telegram with its 700 million users could be if we put reserved @ usernames, group and channel links for auction. In addition to millions of catchy addresses like @storm or @royal, all four-letter usernames could be made available for sale (@bank, @club, @game, @gift etc).

This would create a new platform where username holders could transfer them to interested parties in protected deals – with ownership secured on the blockchain via NFT-like smart-contracts. Other elements of the Telegram ecosystem, including channels, stickers or emoji, could later also become part of this marketplace.

When it comes to scalability and speed, TON probably has the best technology to host such decentralized sales. Our team can write bullet-proof smart contracts for TON (since it was us who invented its smart-contract language), so we are inclined to try out TON as the underlying blockchain for our future marketplace.

Let’s see if we can add a little bit of Web 3.0 to Telegram in the coming weeks.

As Telegram grows in size, so does crypto traders’ dependence on the app

In the past few years, the crypto community has relied on social media sites like Twitter or messaging apps like Discord and Telegram to interact. But some say Telegram is the ultimate hub for communication and information — an imperative place to be in the crypto community.

“Telegram usage is the bedrock of the crypto community,” the founder of Telegram channel unfolded, who goes by the username nakamotocat, said to TechCrunch. “Projects have come and go, players have risen and fallen, but much of the discourse between various projects and market participants resides on Telegram, and that remains a constant.”

Nakamotocat began using Telegram in early 2017 after a friend recommended they sign up for it to meet and learn from like-minded people in crypto. About a year later, nakamotocat formed the “unfolded” channel to provide crypto market insights. Today, the channel has117,000 members.

WhatsApp extends time limit to delete a message to 60 hours

WhatsApp now allows you to delete a message for up to two days and 12 hours (60 hours in total), so you can remove an accidentally sent chat even after hours. Previously, this limit was 1 hour, 8 minutes, and 16 seconds — yep, there were seconds involved.

The company’s tweet about this feature just mentioned “little over two days,” but didn’t specify the 12-hour part.

WhatsApp first introduced the unsend feature back in 2017 with a time limit of just seven minutes but later increased it to one hour and eight minutes. Last year, WABetaInfo noted that the company might consider introducing a seven-day limit, but with this new update, it has chosen a rather odd time frame of two and a half days.

In comparison, rival chat app Telegram has no limit on deleting a message, so you can remove a chat years after sending it. Apple is moving in the other direction; after introducing the unsend feature for iOS 16 at its Worldwide Developer Conference (WWDC) in June, the company reduced the limit from 15 minutes to two minutes in the fourth version of the iOS 16 developer beta last month.

WhatsApp is also introducing new privacy features to its app including blocking screenshots for “view-once messages” and the ability to leave a group silently.

WhatsApp will now let you use any emoji as a reaction on WhatsApp

WhatsApp is rolling out a new update that will let you use any emoji as a reaction. The company first announced the emoji reaction feature in April, but started to make it available to everyone in May.  At that time, you could only react via six available emoji: thumbs up, heart, joined hands, tears of joy, mouth open, and crying face.

Mark Zuckerberg announced the new feature on Facebook saying “We’re rolling out the ability to use any emoji as a reaction on WhatsApp.” The company is making the extended emoji reaction feature available to everyone starting today, but in case you don’t see it in your app yet, you will get it in a few days.

To use any emoji for reaction, long press on a message, tap on the + button and pick an emoji through the full list. You’ll see the emoji you picked under the message.

Image Credits: WhatsApp

The new feature is just a fun visual addition that doesn’t limit you from using six preset emoji. The company is trying to one-up Telegram with this, given it allows a larger range of emoji reactions by default, but to unlock more, you have to buy its premium subscription launched last month.

Image Credits: Telegram

The emoji reaction feature is WhatsApp’s first big rollout in July after it launched features like Android to iPhone chat transfer and the ability to hide your last seen and profile picture from specific people.

Crypto hackers are increasingly phishing for new bait on social media

As more people enter the web3 ecosystem, there are increasing opportunities for hackers to attack. And during the second quarter, there was a significant rise in crypto-focused phishing attacks across social media sites, according to a new report.

There were 290 recorded attacks during the second quarter, up 170% from 106 in the first quarter, according to a Web3 Security Q2 2022 report by CertiK, a blockchain and DeFi security-focused platform backed by Goldman Sachs and others. While there are many day-to-day minor phishing attacks (or attempts) on individuals in the space, the major attacks are classified as events that resulted in crypto losses of $100,000 or more, the company told TechCrunch.

“Social media affects phishing attacks by providing a centralized, single point of failure via which hackers can dupe users into following malicious links,” Ronghui Gu, CEO and co-founder at CertiK, said to TechCrunch. “This in turn leads to users being robbed of their assets.”

The second quarter was filled with “losses” and hacks across the web3 ecosystem — and many aren’t expecting it to slow down. Since the beginning of the year, over $2 billion has been lost to hacks and exploits — racking up an amount larger than the entirety of 2021 in half the time, the report stated.

Instagram rolls out an account deletion option on iOS to comply with Apple’s new policy

You can now delete your Instagram directly from the mobile app. The Meta-owned social media app has now rolled out a new option that lets you opt to delete or deactivate your Instagram account on iOS in order to comply with Apple’s updated App Store Review Guidelines that now mandate all apps that offer account creation must also include account deletion within the app as well.

Until now, you had to log in to Instagram through a web browser on a desktop or mobile in order to delete your account. The company said it’s now introducing this option within its iOS app. Earlier you could deactivate the account through the app, but this doesn’t delete your data from Instagram’s servers. The app itself didn’t offer any information about the full deletion option, so many users may have simply deactivated their accounts instead of deleting them fully.

Image Credits: Instagram

Image Credits: Instagram

“We want to give people more ways to control their experience and time spent on Instagram. We’ve rolled out the option to delete your account in Settings on iOS, and you’ll still have the option to temporarily disable your account before choosing to delete it.” a Meta spokesperson said in a statement.

If you proceed with account deletion on the app, you still have 30 days to stop Instagram from removing your account. This is in line with Apple’s guidelines as the company says it’s acceptable if account deletion takes time after the initiation. However, it also works the same as deactivation in the sense that it gives users a cooling-off period during which time they may reconsider whether they want to leave the app entirely. If they launch the app again during this time frame, their account will no longer be queued for deletion.

Image Credits: Instagram

In May, Apple had informed developers that it will enforce a policy to mandatory include account deletion methods in apps from June 30. The Cupertino-based company said apps that don’t comply with these rules might face delays in review when they submit updates.

“If your app supports account creation, you must also offer account deletion within the app. Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law,” the company said in its guidelines.

The firm had mentioned that simply offering deactivating accounts won’t be enough. It specified that apps should offer “delete the entire account record, along with associated personal data. You may include additional options, but only offering to temporarily deactivate or disable an account is insufficient.”

As shown in the screenshot above, Instagram still highlights the deactivation option as the primary choice by using a big blue button that encourages users to click through. Meanwhile, the deletion option below that isn’t highlighted.

Other apps are also now coming into line with Apple’s new policy. Meta-owned WhatsApp and Signal offer account deletion within their apps, but Spotify — a frequent Apple critic and antitrust agitator —  only offers a link to an account deletion page. Telegram also doesn’t offer an option to delete an account. TechCrunch has reached out to these companies to ask if they plan to update their apps to comply with Apple’s policy and will update if we hear back.

Telegram tops 700 million users, launches premium tier

Telegram has amassed over 700 million monthly active users and is rolling out a premium tier with additional features as the instant messaging platform pushes to monetize a portion of its large user base. The firm did not disclose how much it is charging for the premium tier, but the monthly subscription appears to be priced in the range of $5 to $6.

The premium tier adds a range of additional and improved features to the messaging app, which topped 500 million monthly active users in January 2021. Telegram Premium enables users to send files as large as 4GB (up from 2GB) and supports faster downloads, for instance, Telegram said.

Paying customers will also be able to follow up to 1,000 channels, up from 500 offered to free users, and create up to 20 chat folders with as many as 200 chats each. Telegram Premium users will also be able to add up to four accounts in the app and pin up to 10 chats.

The move is Dubai-headquartered firm’s attempt to keep its development “driven primarily by its users, not advertisers,” it said. It’s also the first time an instant messaging app with hundreds of millions of users has rolled out a premium tier. Signal, WhatsApp, Facebook Messenger, Apple’s Messages and Google’s Messages, some of Telegram’s top rivals, don’t offer a premium tier.

Some analysts had earlier hoped that Telegram would be able to monetize the platform through its blockchain token project. But after several delays and regulatory troubles, Telegram said in 2020 that it had abandoned the project and offered to return $1.2 billion it had raised from investors.

In March 2021, Telegram raised over $1 billion from a number of investors including Mubadala and Abu Dhabi Catalyst Partners by selling 5-year pre-IPO convertible bonds.

“Today is an important day in the history of Telegram – marking not only a new milestone, but also the beginning of Telegram’s sustainable monetization,” the firm said in a blog post Sunday.

Telegram founder and chief executive Pavel Durov said earlier this month the move to launch a premium tier was intended to respond to user demand for additional storage/bandwidth.

“After giving it some thought, we realized that the only way to let our most demanding fans get more while keeping our existing features free is to make those raised limits a paid option,” he said.

In India, the premium version is priced at $6 for iPhone users. Alex Barredo, a Spain-based technology commentator, reported seeing €5.49 ($5.77) as the monthly cost. A Telegram spokesperson did not immediately respond to a request for comment.

Premium users will also have the ability to convert voice messages into texts, gain access to exclusive stickers and reactions and use animated pictures as their profile photos. Paying customers will also be able to avoid seeing ads on the app. (In some markets, sponsored messages are shown in large, public one-to-many channels.)

Durov has pledged to keep a number of core features in the app free to users and also continue to build new features for the non-paying audience.

On Sunday, the firm said it is rolling out a feature, called join requests, to enable all users to join a public group without the need for an invite link. Another new feature aimed at free users will make it possible for verified groups and channels to show their badge at the top of the chat. The new update also supports rendering of animations at120 frames per second for new iPads and iPhones.

“This update includes over 100 fixes and optimizations to the mobile and desktop apps – eliminating bugs, improving speed, and expanding minor features,” Telegram said.

Telegram confirms it’ll launch a premium sub this month

Free messaging app Telegram is getting into the subscription game.

Founder Pavel Durov confirmed today a paid offering is coming later this month which will go above and beyond the current free experience — so a premium offer — without, per the post on his Telegram channel, any negative changes to existing features for (non-paying) users.

Indeed, the claim is that users who don’t pay for Telegram will not only not see any degrading of their experience but stand to benefit by being able to (freely) tap into certain premium extras — such as the ability to view “extra large” documents, media and stickers sent by Premium users, or add premium reactions if they’ve already been pinned to a message.

Durov says the move is intended to respond to user demand for additional storage/bandwidth — without such super users destroying Telegram’s ability to sustain a free service for everyone else.

“After giving it some thought, we realized that the only way to let our most demanding fans get more while keeping our existing features free is to make those raised limits a paid option,” he writes.

Exact details of what Premium users will get — and how much it will cost — are not detailed in Durov’s post. But, in recent days, press reports of incoming premium features and pricing have emerged, via the beta app, which suggest it could include stuff like increased file upload size, faster download speeds, voice-to-text conversion, premium stickers, advanced chat management features and more (no ads!).

A price of $4.99 per month has also been reported based on analysis of the beta app. But it remains to be seen what the official pricing will be in different regions.

In his post, Durov sums up Telegram Premium as “a subscription plan that allows anyone to acquire additional features, speed and resources”. He’s also spinning it as a bit of a patronage layer — pitching Telegram super fans who want to support the platform by making a financial contribution. Those that do will get the perk of joining a Premium “club” that will get new features first, he adds.

It’s not clear whether the Premium play is intended by Telegram to just cover costs for extra resources or to generate extra revenue. But given Durov’s framing of “support” it may be that he’s hoping to convert a meaningful portion of Telegram super fans into sustained financial backers. (Albeit, that will ofc depend on uptake of the Premium product.)

The startup’s plan for monetizing its 500 million+ monthly active users still isn’t crystal clear — some nine years into Telegram’s messaging joy ride. (And many months after an earlier attempted foray into crypto foundered.)

In recent times, Telegram has resorted to taking in external funding to pay its server bills — including more than $1 billion in debt financing last year.

On monetization, Durov has talked about wanting a non-intrusive, privacy-friendly way to sustain usage over the long term. Although the platform has been experimenting with ads in public one-to-many channels. Still, Telegram’s principled founder still seems wary of relying on an ad-funded model, writing today: “I believe that Telegram should be funded primarily by its users, not advertisers.”

Lapsus$ hacking group claims software consultancy giant Globant as its latest breach victim

Just days after police in the U.K. arrested seven people over suspected connections to the now-infamous hacking and extortion group, Lapsus$ is claiming its latest victim.

Lapsus$, whose recent victims include Okta, Microsoft, Nvidia and Samsung, now claims to have breached Globant, a Luxembourg-based software development consultancy. After declaring itself “back from vacation” on Wednesday, the group published a 70 gigabyte torrent file on its Telegram channel with data allegedly stolen from the company, which the hackers claim includes its corporate customers’ source code.

The hackers also published a list of company credentials used to access its source code sharing platforms, including GitHub, Jira, Crucible and Confluence. Malware research group VX-Underground tweeted a redacted screenshot of the hackers’ Telegram post, which shows the group posting what they claim to be Globant’s passwords, which if confirmed would be easily guessable by an attacker.

Prior to publishing the torrent file, Lapsus$ also shared screenshots of a file directory that contains names of several companies believed to be Globant customers, including Facebook, Citibank and C-Span.

Globant also lists a number of high-profile customers on its website, including the U.K. Metropolitan Police, software house Autodesk and gaming giant Electronic Arts. At least one member of Lapsus$ was involved with a data breach at Electronic Arts last year, though it’s unclear if the two incidents are linked.

SOS Intelligence, a U.K-based threat intelligence provider that analyzed the leaked data, told TechCrunch that “the leak is legitimate and very significant, as far as Globant and Globant impacted customers are concerned.”

Amir Hadzipasic, the intelligence provider’s chief executive, says the data includes a large amount of GitHub source code that appears to belong to Globant, along with a number of repositories that contain “very sensitive information” such as TLS certificate private keys and chains, Azure keys and API keys for third-party services. SOS Intelligence also found a collection of around 7,000 candidate resumes, over 150 databases and a “large number” of private keys for a number of different services.

TechCrunch contacted Globant with a number of questions about the breach but has yet to receive a response. We have also yet to receive a response from any of the Globant customers we approached for comment.

This latest breach comes just days after U.K. police arrested seven people connected to the Lapsus$ group, all aged between 16 and 21. In response to questions about the arrests on its Telegram channel, Lapsus$ claimed no members of the gang were arrested.

Ukrainians turn to encrypted messengers, offline maps and Twitter amid Russian invasion

Ukrainians have turned to offline mapping and encrypted communication apps in the wake of the Russian invasion of their country, which is displacing millions who have left their homes to either fight back or flee to neighboring countries. According to data from app store intelligence firm Apptopia, over the past several days Ukrainians have been downloading various communication apps, offline maps, and others where they can keep up with the latest news and information, like Twitter and streaming radio apps.

Currently, the top five apps in the country’s iOS App Store include the private messenger Signal, messaging app Telegram, Twitter, and offline messengers Zello and Bridgefy. Elsewhere in the top 10 is WhatsApp; Maps.Me, an offline maps app that’s now ranking a half dozen spots higher than Google Maps, which has now just pulled its live traffic info dubbed a security risk); and Starlink’s app from Space X — the latter which jumped up 39 spots after Elon Musk announced the satellite internet service was now active in the country. (Of course, to what extent the service is actually viable in the places it’s needed may be reflected in the app’s rank going forward.)

Among the top messaging apps, some saw greater adoption than others.

From the start of the Russian invasion on Feb. 24, 2022, through Sunday, Feb. 27, 2022 Telegram topped the charts with 54,200 new installs across both the App Store and Google Play combined — a 25% increase from the same time period in January. Meanwhile, the offline messaging app Bridgefy saw the largest percentage increase in new installs, growing a whopping 4,730.8% month-over-month from just 591 downloads during the same period last month to now 28,550 new installs over the past few days.

Another walkie-talkie app, Zello, grew downloads 99.3% from 12,540 in Jan. 24-27 to 24,990 during Feb. 24-27. Signal’s gains percentage-wise were a more modest 20.6%, but it has fairly strong adoption with 39,780 installs during the same time last month and 47,990 during the past several days.

Of course, not all messaging apps are created equally when it comes to security.

Signal is the most secure app, offering end-to-end encryption, with no data collected beyond an account creation date. Telegram, meanwhile, doesn’t offer end-to-end encryption by default, but it allows users to manually enable an encrypted “secret chats” feature. However, Telegram has been criticized by Signal’s founder Moxie Marlinspike for not being as secure as it claims, and those claims have been backed up by other security researchers and cryptographers over the years.

Recently, Marlinspike took to Twitter to again remind Ukrainians that Telegram was not secure, tweeting that Telegram is by default a cloud database with a plaintext copy of every message everyone has ever sent or received.

Walkie-talkie app Zello is allegedly end-to-end encrypted in one-to-one and group conversations, but it’s worth noting the company had faced a security breach in 2020. The popular protest app Bridgefy, which relies on Bluetooth and mesh network routing, has also faced a host of security issues over the past years. The app spiked in usage during protests in Hong Kong, India, Iran, Lebanon, Zimbabwe, and the U.S., but in 2020 was found to have serious vulnerabilities that led to it being dubbed a “privacy disaster.”

Though the company later rolled out support for end-to-end encryption, cryptographers who analyzed the app in 2021 have found those fixes to be insufficient.

Outside of messengers, other apps that have surged in Ukraine in recent days include those for streaming radio and Twitter.

Typically, Twitter ranks No. 1 in the News category on iOS, but its Overall rank tends to be around No. 90-130. As of Sunday, however, it’s No. 4 on Ukraine’s iOS App Store Top Overall chart, up 2 ranks from the day prior, and it’s No. 28 on Google Play, up 15 ranks. On that day, Twitter saw around 7,000 more downloads on iOS and Android, a lifetime high in terms of daily downloads.

Image Credits: Apptopia: Ukraine App Store 2/27/22

Streaming radio apps, Radios Ukraine and Simple Radio, have moved higher on the App Store as well, now sitting at No. 19 and No. 21, respectively. (Facebook is in between at No. 20.)

Google Play’s Top Charts in the country look a little different.

Signal, Bridgefy, Telegram, and Zello are also in the top 5 here, but so is Briar, an Android-only peer-to-peer messenger offering end-to-end encryption. Offline maps app Maps.Me is No. 11, and another two-way walkie-talkie, called simply Two Way, is No. 15., followed by WhatsApp.

Image Credits: Apptopia: Ukraine Google Play Store 2/27/22

On both app stores, a number of games sit in the top charts as well — likely downloaded to entertain the kids while families hide in makeshift bomb shelters or travel long distances to safety.

Elsewhere in the world, the Russia-Ukraine war is driving other apps to the top charts, Apptopia also noted.

In the U.S., news apps CNN and Fox News both spiked in recent days, while The Washington Post saw a record number of daily installs (15,000) ahead of the invasion on Feb. 19, as tensions between the countries were rising.

Image Credits: Apptopia: US users download news apps

And now that Russia has locked down access to news and social media, demand for VPN apps has grown. The top five VPN apps saw a sizable jump in daily downloads after Russia began restricting access to social media apps like Facebook and Twitter in the country, Apptopia found, as users downloaded tens of thousands more VPN apps per day than is usual. Russians should note, however, that VPNs aren’t necessarily good for security. As they just route internet traffic through someone other than your ISP, your security really depends on how much you trust your VPN provider.

Image Credits: Apptopia: Russian VPN apps spike

Additional reporting: Zack Whittaker