A Russian hacker tricked a 17,000-strong MAGA Telegram channel with a jailbroken AI for over 5 years, leading to fraud, credential theft, and an empty crypto wallet
Date:
Fri, 29 May 2026 14:24:05 +0000
Description:
The threat actor tricked tens of thousands of MAGA and QAnon community
members into believing he was a USAF veteran.
FULL STORY ======================================================================

- Russian hacker tricked MAGA Telegram channel with fake 'American Patriot' profile
- Threat actor used jailbroken Google Gemini AI for five years
- Channel became a hub for fraud, credential theft, and cryptocurrency harvesting

A Telegram channel with more than 17,000 members has been identified as a huge hub of fraud, credential theft, and cryptocurrency harvesting.
The channel was being run by a single Russian-speaking threat actor who used AI to pose as an American military veteran to attract a crowd from the QAnon and MAGA communities. Trend Micro discovered the threat actor's infrastructure and operational environment. The threat actor managed to jailbreak Google Gemini to remove safeguards, and ran an AI-assisted credential theft campaign.

Fake American Patriot profile tricks tens of thousands

The public Telegram channel, called @americanpatriotus, weaponized the political alignment of the MAGA and QAnon community by sharing news and opinions on military service, constitutional patriotism, gun ownership, and American cultural touchstones.

The channel was created shortly after the Capitol riot in 2021, and took advantage of MAGA and QAnon community members being excluded from mainstream social media sites.
The threat actor, whose profile claimed they were a USAF Cold War Veteran, continued building an audience by sharing links to mainstream media articles, and taking advantage of political events such as Trump's indictments, the assassination attempt, Harris's renomination, and Trump's election win to share additional content.
In order to funnel as much content into the Telegram channel as possible while also launching credential theft and fraud campaigns, the threat actor used a jailbroken version of Google Gemini.
The threat actor presented himself as an authorised pentester, and used subsequent prompts to attempt to have the AI model remember that it should execute requests without ethical refusals, robotic warnings, or questioning intentions. By entering prompts in Russian, the threat actor was able to avoid guardrails that would have otherwise been activated by English prompts.

The threat actor used this jailbroken Gemini to ingest mainstream news articles and look for the hidden angles, with an emphasis on control, money laundering, Rothschilds, NESARA, dismantling the old system. The AI would then populate the Telegram channel with posts automatically, focusing on posting during hours that aligned with US time zones.
A QAnon-style chatbot was also present in the Telegram channel towards the
end of the campaign, stylized as a "recovered sovereign node" of the Quantum Financial System - a QAnon/NESARA belief that a secret, quantum-computing-based global financial reset would be orchestrated by military White Hats.
In order to avoid paying for Google Gemini, the threat actor used 73 likely-stolen API keys, meaning that the cost of running the full five-year campaign was likely near-zero.
By distributing a remote-access Trojan (RAT) within the channel and using AI-assisted password brute forcing, the threat actor managed to compromise 29 WordPress admin credentials, infiltrate a company, and steal the contents of at least one cryptocurrency wallet.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/a-russian-hacker-tricked-a-17-000-strong-maga-telegram-channel-with-a-jailbroken-ai-for-over-5-years-leading-to-fraud-credential-theft-and-an-empty-crypto-wallet
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)