Telegram Bots Used to Attack Online Payment Systems

October 1, 2021 11:36 am

PayPal, Apple Pay and Google Pay have recently been targeted by cybercriminals. The attackers are using Telegram bots to steal one-time password (OTP) tokens and to gain account information. They have also been calling victims and impersonating banks in order to trick them into revealing their personal account credentials.

Telegram bots have become a popular tool for cybercriminals, largely because they are easy to use. Intel 471 researchers found three such bots in use: SMSRanger, BloodTPbot and SMS Buster.

The SMSRanger bot sends a text message to a potential victim asking for their phone number. Once the cybercriminals receive it, they are able to access whatever account they are targeting. Unfortunately, over 75% of people who are targeted will reveal all of their personal and confidential information.

The BloodTPbot sends users a fraudulent one-time password (OTP) code through SMS. The bot tries to call the users to get the verification code, and notifies the attacker when they should request the OTP. Once the victim receives the OTP, the bot sends the code to the operator and enters it into the phone’s keyboard.

SMS Buster allows the attacker to disguise a call made from any phone number so that it appears to be a real contact from a bank. The goal is to gain information such as an ATM card PIN, CVV or OTP.

Of course, there are ways these bots can get around almost anything. Even so, two-factor authentication is a must-have for protecting your online accounts, and one of the easiest ways to do so.
