Once a target’s phone number is entered, the bot does the rest of the work. ‘SMSRanger’ for example, had a very intuitive interface, utilising simple slash commands to cycle through the different ‘modes’ that will target specific banks or other services such as PayPal, Apple Pay or Google Pay. The researchers cited several bots they observed which appeared to be extremely successful in their goal. In the various support channels provided alongside these bots, users share the successes of their exploits, often acquiring thousands of pounds from their victims. These services appear to be yet another example of the burgeoning Cybercrime as a Service (CaaS) market. Some services also enable the interception of OTPs on popular social media platforms or other financial services, providing email phishing and ‘SIM swapping’ capabilities. “Over the past few months, we’ve seen actors provide access to services that call victims, appear as a legitimate call from a specific bank and deceive victims into typing an OTP or other verification code into a mobile phone in order to capture and deliver the codes to the operator,” they explained. Intel 471 say they have seen an ‘uptick’ in services on the cybercrime underground that allow attackers to gain access to the codes. OTPs are often used by banks and other services that provide access to valuable information. Researchers Intel 471 have observed the operation of these services on Telegram, which they say have only been in operation since June, with them either operating via a Telegram bot or providing support for customers via a Telegram channel. Consequently, it was likely only a matter of time before cybercriminals developed ways to try to circumvent these protocols. Many companies now use two-factor authentication for their services to improve security for their customers and users. Bot services on messaging provider Telegram are being used to steal one-time passwords (OTP) used in two-factor verification to access accounts online.
0 Comments
Leave a Reply. |