Automating Image Abuse: deepfake bots on Telegram

Sensity Team 10/20/2020
Automating Image Abuse - Deepfake Bots on Telegram

Today we go public with the findings of a new Sensity investigation into a newly uncovered deepfake ecosystem on the messaging platform Telegram. The focal point is an AI-powered bot that allows users to photo-realistically “strip naked” images of women, an evolution of the infamous DeepNude emerged in 2019. We collect the findings of our threat intelligence team into a new report that you can download here.

Compared to similar underground tools, the bot dramatically increases accessibility by providing a free and simple user interface that functions on smartphones as well as traditional computers. To “strip” an image, users simply upload a photo of a target to the bot and receive the processed image after a short generation process. Our investigation of this bot and its affiliated channels revealed several key findings: 

At least 104,852 women have been targeted and had their personal “stripped” images shared publicly as of the end of July 2020. The number of these images grew by 198% in the last 3 months until July.

Do you want get access to the world largest database of detected deepfakes?

  • Self-reporting by the bot’s users indicated that 70% of targets are private individuals whose photos are either taken from social media accounts or private material. 
  • A limited number of bot-generated images shared publicly across affiliated channels featured targets who appeared to be underage. 
  • The bot and its affiliated channels have attracted approximately 101,080 members worldwide, with 70% coming from Russia and ex-USSR countries. 
  • The bot received significant advertising via the Russian social media website VK, which itself features related activity across 380 pages. 
  • These findings also allude to broader threats presented by the bot. Specifically, individuals’ “stripped” images can be shared in private or public channels beyond Telegram as part of public shaming or extortion-based attacks.

Given the sensitive nature of this investigation, we have omitted key information to protect victims and avoid publicizing identifying information for the bot and its surrounding ecosystem. All sensitive data discovered during the investigation detailed in this report has been disclosed with Telegram, VK, and relevant law enforcement authorities. We have received no response from Telegram or VK at the time of this report’s publication.

Update: On the last day before the report publication, we came across a new web page that advertises the bot. The page shows staggering statistics on the number of people targeted by the bot: more than 680.000, well above our estimation based on images shared publicly by users.

Share the article:

Next Articles

what is KYC verification

What is KYC Verification? Everything You Need to Know

KYC is the practice of verifying an individual’s identity in compliance with laws and regulations, primarily for Anti-Money Laundering purposes. In response to the pronounced inability to detect and prevent online fraud, the KYC process has been introduced to reduce instances of illegal transactions. The increasing adoption of technologies led to the rise in cases […]
Sensity Team
How to Detect Deepfake Online

How to Detect a Deepfake Online

In this blog post let’s try to understand how to detect a deepfake online in a few seconds. It is actually very simple by using Sensity. With an intuitive and accessible user interface, Sensity is commodifying the technology for detecting deepfake videos and GAN generated faces. You can easily drag & drop multiple videos and […]
Sensity Team