IntelSecurity IncidentRU
HIGHSecurity Incident·priority

Telegram under pressure: hacked channels, bribery probe, and a zero-day scam network

Intelrift Intelligence Desk·Wednesday, July 8, 2026 at 01:06 PMEurope (Russia)3 articles · 2 sourcesLIVE

On July 8, 2026, Russian outlets reported two separate but thematically linked information-security shocks involving Telegram. Kommersant said attackers hacked the Telegram channels “Кровавая барыня” and “Собчак,” both tied to the “Осторожно Media” holding, and the editorial team was working to restore access. Earlier the same day, Kommersant reported that the Investigative Committee (SKR) concluded a corruption case against the editor of the Telegram channel “Сапа,” Aлина Джикаева, who allegedly paid a police officer 285,000 rubles for access to official information. In parallel, KrebsOnSecurity described a cybersecurity startup that sought to buy zero-day vulnerabilities with millions of dollars, but whose operators were far-right conspiracy theorists and convicted felons, with prior ventures including fake intelligence companies and an AI-based lobbying platform that later shut down. Taken together, the cluster points to a broader contest over information channels, where cybercrime, political influence operations, and law-enforcement penetration can reinforce each other. Telegram’s role as a fast, semi-public distribution layer makes it attractive for both monetized fraud and targeted messaging, while corruption allegations suggest that official information can be traded for access and advantage. The zero-day “market” described by KrebsOnSecurity also raises the risk that vulnerability acquisition efforts are being used as cover for scams, reputational laundering, or coercive influence, rather than legitimate security research. In this environment, the likely beneficiaries are actors who can monetize attention and exploit trust, while the losers include mainstream media credibility, public trust in security ecosystems, and law-enforcement capacity to deter information-market manipulation. Market implications are indirect but real, especially for Russia-linked media, cybersecurity, and compliance-sensitive technology spending. The hacking and bribery narratives can increase perceived regulatory and reputational risk for platforms and vendors that rely on Telegram-adjacent distribution, potentially pressuring ad-tech and digital media budgets toward higher compliance costs. The zero-day procurement story can also affect investor sentiment around “vulnerability brokerage” models, where funding and partnerships may face sharper scrutiny, raising the cost of capital for similar startups. While no specific commodity or FX move is explicitly reported in the articles, the likely financial transmission runs through cybersecurity insurance pricing, incident-response demand, and the risk premium on information-security services. What to watch next is whether the “Осторожно Media” channels regain control without further compromise, and whether Telegram users see sustained impersonation or phishing attempts tied to the hacked accounts. For the “Сапа” case, the key trigger is any escalation from alleged bribery into broader disclosure of how official information was accessed, including whether additional intermediaries or police units are named. On the cybersecurity startup front, the critical indicators are regulatory or platform actions, evidence of actual zero-day purchases, and whether victims or counterparties report fraud or non-delivery. Over the next days to weeks, escalation would be signaled by additional channel takeovers, new SKR-related filings, or public enforcement steps that clarify whether these schemes are isolated criminal activity or part of a wider influence-and-cybercrime network.

Geopolitical Implications

  • 01

    Information-channel insecurity can amplify influence operations by enabling impersonation, monetized disinformation, and rapid narrative manipulation.

  • 02

    Corruption involving access to official information indicates potential vulnerabilities in state information governance and internal security controls.

  • 03

    The emergence of a semi-illicit zero-day procurement ecosystem can blur lines between cybercrime, influence activities, and legitimate security research, complicating deterrence.

Key Signals

  • Forensics and recovery status from “Осторожно Media” after the Telegram hacks; any public indicators of account re-compromise.
  • SKR follow-on actions: additional defendants, named intermediaries, or links to specific police units.
  • Regulatory or platform enforcement against the zero-day startup model, including evidence of fraud claims by counterparties.
  • User-facing indicators: phishing links, fake announcements, and sudden changes in posting patterns on the affected channels.

Topics & Keywords

TelegramОсторожно MediaКровавая барыняСобчакСапаАлина ДжикаеваСКРzero-day vulnerabilitiescybersecurity startupKrebsOnSecurityTelegramОсторожно MediaКровавая барыняСобчакСапаАлина ДжикаеваСКРzero-day vulnerabilitiescybersecurity startupKrebsOnSecurity

Market Impact Analysis

Premium Intelligence

Create a free account to unlock detailed analysis

AI Threat Assessment

Premium Intelligence

Create a free account to unlock detailed analysis

Event Timeline

Premium Intelligence

Create a free account to unlock detailed analysis

Related Intelligence

Full Access

Unlock Full Intelligence Access

Real-time alerts, detailed threat assessments, entity networks, market correlations, AI briefings, and interactive maps.