Administrators of 35 Telegram channels arrested for selling fake COVID-19 vaccination certificates

Italian authorities, in collaboration with cybersecurity specialists, reported the dismantling of a cybercriminal group dedicated to a scam related to the preparation and sale of fake COVID-19 vaccination certificates through various Telegram channels.

Through a statement, the Milan Cybercrime Prosecutor’s Office revealed that its collaboration with the security firm Group-IB made it possible to identify various individuals who managed some 35 different Telegram channels, where fake vaccination certificates with QR codes were allegedly sold.

These certificates, also known as Green Pass, have been implemented by the governments of multiple countries in order to validate that the holder has received the complete vaccination scheme against the coronavirus. Since last summer, Italy has been demanding the use of the Green Pass as part of its health policies, which is extensive for tourists, students and workers of public and private institutions.

In its report, Group-IB points out that the operators of this scam gained access to the certificates of some health workers, which they used to create hundreds of false records and deceive those interested in moving freely around Europe without having to actually apply the vaccine. The clients of this group only had to enter a secret channel on Telegram and send some personal data so that the hackers could draw up the forged certificate.

Payment for this service had to be completed through multiple methods, including Bitcoin and Ethereum transfers and even through PayPal and gift cards on Amazon. When users sent their personal information and payment details to hackers, the group simply deleted the Telegram chat and disappeared without a trace.

These channels came to attract more than 100,000 Telegram users and offered this fake certificate for about $130 USD. At the moment it is unknown how many people were scammed and if some of the customers actually received this false certificate, although the Italian authorities are still investigating the case. Group-IB published an extensive report on this research.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.