Automating Image Abuse: deepfake bots on Telegram

Francesco Cavalli 10/20/2020

Today we go public with the findings of a new Sensity investigation into a newly uncovered deepfake ecosystem on the messaging platform Telegram. The focal point is an AI-powered bot that allows users to photo-realistically “strip naked” images of women, an evolution of the infamous DeepNude emerged in 2019. We collect the findings of our threat intelligence team into a new report that you can download here.

Compared to similar underground tools, the bot dramatically increases accessibility by providing a free and simple user interface that functions on smartphones as well as traditional computers. To “strip” an image, users simply upload a photo of a target to the bot and receive the processed image after a short generation process. Our investigation of this bot and its affiliated channels revealed several key findings: 

At least 104,852 women have been targeted and had their personal “stripped” images shared publicly as of the end of July 2020. The number of these images grew by 198% in the last 3 months until July.

Do you want get access to the world largest database of detected deepfakes?

  • Self-reporting by the bot’s users indicated that 70% of targets are private individuals whose photos are either taken from social media accounts or private material. 
  • A limited number of bot-generated images shared publicly across affiliated channels featured targets who appeared to be underage. 
  • The bot and its affiliated channels have attracted approximately 101,080 members worldwide, with 70% coming from Russia and ex-USSR countries. 
  • The bot received significant advertising via the Russian social media website VK, which itself features related activity across 380 pages. 
  • These findings also allude to broader threats presented by the bot. Specifically, individuals’ “stripped” images can be shared in private or public channels beyond Telegram as part of public shaming or extortion-based attacks.

Given the sensitive nature of this investigation, we have omitted key information to protect victims and avoid publicizing identifying information for the bot and its surrounding ecosystem. All sensitive data discovered during the investigation detailed in this report has been disclosed with Telegram, VK, and relevant law enforcement authorities. We have received no response from Telegram or VK at the time of this report’s publication.

Update: On the last day before the report publication, we came across a new web page that advertises the bot. The page shows staggering statistics on the number of people targeted by the bot: more than 680.000, well above our estimation based on images shared publicly by users.

Share the article:

Next Articles

Automating Image Abuse: deepfake bots on Telegram

In this blog post let’s try to understand how to detect a deepfake online in a few seconds. It is actually very simple by using Sensity. With an intuitive and accessible user interface, Sensity is commodifying the technology for detecting deepfake videos and GAN generated faces. You can easily drag & drop multiple videos and […]
Francesco Cavalli

Automating Image Abuse: deepfake bots on Telegram

We are proud to share Spot Deepfakes, a project we contributed to, led by Microsoft and the University of Washington’s Centre for an Informed Public. Of the many threats posed by deepfakes, none have drawn more public concern than those affecting politics. Many have warned of deepfakes’ potential to destabilize democratic processes and enhance political […]
Francesco Cavalli