Any thoughts on how many Credential Stealer families rely on using the Telegram API Bot endpoint for exfiltrating / copying information from infected devices?
Trying to assess the potential for leveraging that observation for some simple detection rules of potential stealer infections.
Any hot takes?
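One concrete way to turn the observation into a rule, as an added example that is not part of the original post: scan web-proxy or EDR network logs for requests to the Telegram Bot API (`api.telegram.org/bot<id>:<secret>/<method>`), weight file-upload methods such as `sendDocument` highest, and suppress processes your organisation is known to run as bots. The log format, the sample lines and the `alertbot.exe` allowlist entry are all constructed for illustration. The full URL path is only visible where the proxy performs TLS inspection; without it you are limited to the `api.telegram.org` SNI or DNS name, which is a weaker signal because legitimate bots use the same endpoint.

```python
import re
from dataclasses import dataclass
from typing import Collection, List, Set

# Constructed sample web-proxy log lines (not real traffic).
# Assumed format: timestamp  host  process  verb  url
SAMPLE_LOG = """\
2024-05-01T10:00:01Z ws-042 chrome.exe GET https://www.example.com/
2024-05-01T10:00:07Z ws-042 build.exe POST https://api.telegram.org/bot123456789:AAExampleTokenValue/sendDocument
2024-05-01T10:00:09Z ws-042 build.exe POST https://api.telegram.org/bot123456789:AAExampleTokenValue/sendMessage
2024-05-01T10:01:00Z ws-017 alertbot.exe POST https://api.telegram.org/bot987654321:AAAnotherExampleTok/sendMessage
2024-05-01T10:02:00Z ws-017 chrome.exe GET https://t.me/somechannel
"""

# Bot API URLs have the documented shape https://api.telegram.org/bot<id>:<secret>/<method>
BOT_API_RE = re.compile(
    r"https?://api\.telegram\.org/bot(?P<token>\d+:[A-Za-z0-9_-]+)/(?P<method>[A-Za-z]+)"
)

# Methods that push a file outward are the strongest exfiltration signal;
# plain text messages are weaker; everything else (getMe, getUpdates, ...) is noise.
UPLOAD_METHODS = {"sendDocument", "sendPhoto", "sendVideo", "sendAudio"}
TEXT_METHODS = {"sendMessage"}


@dataclass
class Finding:
    timestamp: str
    host: str
    process: str
    method: str
    token_redacted: str
    severity: str


def redact_token(token: str) -> str:
    """Keep the numeric bot id (handy for pivoting across hosts) but hide the secret."""
    bot_id, _, secret = token.partition(":")
    return f"{bot_id}:{secret[:2]}{'*' * 6}"


def classify(method: str, process: str, allowlist: Collection[str]) -> str:
    """Severity by method, with known in-house bot processes downgraded to 'info'."""
    if process.lower() in allowlist:
        return "info"
    if method in UPLOAD_METHODS:
        return "high"
    if method in TEXT_METHODS:
        return "medium"
    return "low"


def scan(log_text: str, allowlist: Collection[str] = frozenset()) -> List[Finding]:
    """Parse the log, keep only Bot API calls, and return one Finding per call."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=4)
        if len(parts) != 5:
            continue  # malformed or truncated line; skip rather than crash
        ts, host, proc, _verb, url = parts
        m = BOT_API_RE.search(url)
        if not m:
            continue
        findings.append(Finding(ts, host, proc, m["method"],
                                redact_token(m["token"]),
                                classify(m["method"], proc, allowlist)))
    return findings


def suspicious_hosts(findings: List[Finding]) -> Set[str]:
    """Hosts where a non-allowlisted process uploaded a file via the Bot API."""
    return {f.host for f in findings if f.severity == "high"}


if __name__ == "__main__":
    results = scan(SAMPLE_LOG, allowlist={"alertbot.exe"})
    for f in results:
        print(f"{f.severity:6} {f.timestamp} {f.host} {f.process} {f.method} token={f.token_redacted}")
    print("hosts to triage:", sorted(suspicious_hosts(results)))
```

The allowlist is the part that needs care: the endpoint itself is not malicious, so the rule should key on process identity (and ideally process signature or path) rather than on the destination alone, and a host that combines an upload method with a text message from the same unexpected binary is a better triage starting point than either event on its own.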