Telegram Bots, a new way used by hackers to access OTPs


When we talk about privacy and online protection, the very first thing that comes to mind is two-factor authentication (2FA). Surprisingly, cybercriminals are trying to try new ways to bypass this protection in order to gain access to users’ one-time passwords (OTPs).

Bots are making headlines today due to their involvement in cybercrime, such as SIM card swapping, phishing, and data breaches. Bots automatically call targets in phishing scams and trick them into giving up OTP codes. This implies that the configuration of the bots is not up to date and somewhere the hackers may have discovered the loophole in the codes.

According to reports from Cyware Social, there are two bots of concern, according to researchers at Intel 471. These are BloodOTPbot and SMSRanger. The first is an SMS bot that can be used to make automatic calls, tricking the user into believing that the person calling them is a bank employee. A classic act of phishing. The second is used to target specific apps and services like Google Pay, PayPal, and Apple Pay.

There are also other bots that are on the radar, such as SMS Buster, which require a bit more effort to hack it. This bot is also used to impersonate the attacker as a bank clerk.

In a nutshell, apps like Telegram should not be considered secure in the given environment where even two-factor authentication is not secure. Hackers are getting very proactive and trying all other ways to access information and use it to their advantage.

About Marion Browning

Check Also

Cross-platform messaging scam makes a comeback on social media :: WRAL.com

By Donna Natosi, WRAL Editor-in-Chief What’s old is new again in a resurgent social media …

Leave a Reply

Your email address will not be published.