Completed the Study on the Paper “A Large-Scale Study of Telegram Bots” (ICWSM 2026)
Dear cybersecurity research colleagues,
1/8
I have completed an in-depth analysis of the first large-scale study dedicated to the Telegram bot ecosystem (arXiv:2603.24302). Conducted by researchers from Carnegie Mellon University, Tsinghua University, University of Cambridge, and Princeton University, the work examined 32,071 bots, 809 million messages, and 106,000 channels (68,000 of which are new) — the largest public dataset ever produced on the topic.
In addition to updating previous datasets, the authors developed an autonomous interaction framework via the Telegram Bot API, which extracts real bot functionalities through commands and responses, going far beyond static descriptions.
2/8
Core Threat Intelligence Insight: Malicious AI Bots as Critical Infrastructure
The study documents an explosive growth in generative AI-based bots starting in March 2023, coinciding with the release of GPT-4. These bots are concentrated in the Utility and, especially, Underground categories (~5% of the total, or approximately 1,539 bots), functioning as malicious AI endpoints.
3/8
Malicious Capabilities Identified
The vast majority of AI bots in the Underground category offer generative AI abuse services, including:
• Deepfake and nudification (automatic removal of clothing from images);
• Face-swap in explicit content;
• Generation of non-consensual images.
These bots transform Telegram into an accessible and monetizable hub for digital sexual abuse via AI, enabling mass distribution of non-consensual content.
4/8
Concrete Command Examples Observed in Malicious AI Bots
Through systematic analysis of command lists and interactions (via the authors’ framework), the study reveals recurring patterns. Representative examples extracted include:
• AI abuse processing commands: /nudify, /undress, /deepnude, /removeclothes, /ai_nude, /generate_nsfw
• Face-swap and deepfake commands: /faceswap, /swapface, /deepfake, /ai_face, /face_swap
• General generation commands: /generate, /process, /img2img, /create, /transform
• Integrated financial commands: /pay, /deposit, /withdraw, /balance, /wallet, /buy
• Referral and viralization commands: /invite, /referral, /ref, /bonus
• Mandatory Telegram commands: /start, /help (used to initiate flows that request photo upload + payment)
These commands typically lead to workflows that request the victim’s image upload followed by payment (Telegram Stars, TON, or cryptocurrencies) to process the content.
5/8
High-Risk Operational Patterns
• Superficial disclaimers (“+18” or “use only with consent”) with no real age or authorization verification mechanisms.
• Evasive reuse: bots recreated with minor username variations (Levenshtein distance 1–2).
• Strong integration between AI bots, payment gateways, and referral systems (71% of Finance/Scam bots include payment commands; 65% include referral).
• Migration of services previously restricted to Tor to Telegram, leveraging its mobile-first interface and native payments.
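The username-variation pattern listed above lends itself to a simple moderation check. The following is an added example, not code from the paper or from this post: it groups usernames whose edit distance falls within the 1–2 range mentioned above, and the sample usernames and function names are constructed for illustration.

```python
from itertools import combinations

def levenshtein(a: str, b: str) -> int:
    """Edit distance via two-row dynamic programming."""
    if len(a) < len(b):
        a, b = b, a
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def normalize(username: str) -> str:
    # Telegram usernames are case-insensitive; drop the leading "@".
    return username.lstrip("@").lower()

def cluster_usernames(usernames, max_distance=2):
    """Return groups of usernames linked by edit distance <= max_distance.

    Linking is transitive (single linkage), so a chain of small edits
    ends up in one group; review large groups by hand.
    """
    names = sorted({normalize(u) for u in usernames})
    parent = {n: n for n in names}

    def find(n):
        while parent[n] != n:
            parent[n] = parent[parent[n]]  # path compression
            n = parent[n]
        return n

    for a, b in combinations(names, 2):
        # A length gap larger than the threshold rules the pair out cheaply.
        if abs(len(a) - len(b)) <= max_distance and levenshtein(a, b) <= max_distance:
            parent[find(a)] = find(b)

    groups = {}
    for n in names:
        groups.setdefault(find(n), []).append(n)
    return sorted(g for g in groups.values() if len(g) > 1)

# Constructed sample usernames (not taken from the paper's dataset).
SAMPLE = ["@PhotoToolBot", "@PhotoTo0lBot", "@PhotoToolsBot",
          "@WeatherNowBot", "@weathernow_bot", "@QuizMasterBot"]

if __name__ == "__main__":
    for group in cluster_usernames(SAMPLE):
        print(group)
```

The pairwise comparison is quadratic in the number of usernames, so on a dataset of tens of thousands of bots it is worth bucketing by length or a shared prefix first.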
6/8
Broader Intelligence Context
Although 34% of bots are categorized as Finance (with a median lifespan of just 9 days), malicious AI bots operate as a programmatic infrastructure layer of the underground economy. They scale non-consensual abuse operations, directly monetize deepfakes, and expand reach to non-English-speaking communities (Russian 30%, Farsi, and Arabic), even when descriptions are in English.
7/8
Implications and Practical Recommendations from the Paper
The study reinforces that Telegram bots are no longer isolated tools but have become critical infrastructure for cybercrime. The authors’ four practical recommendations for threat hunters and moderators are:
1. Prioritize analysis of the full command list (/start, /help, /nudify, /deepfake, etc.);
2. Correlate bot domain with the language of messages where the bot is mentioned;
3. Group bots by similarity of description