On Telegram, scammers have been utilizing complex hacking bots to deceive investors into disclosing their OTP two-factor authentication, resulting in locked and wiped-out accounts.
Users are being duped into allowing cybercriminals to access their cryptocurrency accounts via bots purchased on Telegram.
One Time Password (OTP) bots, according to a report from cybersecurity firm Intel471, are “remarkably easy to use” and “quite inexpensive to operate” in comparison to the amount of money that came from a successful assault.
Hackers can gain access to a Telegram bot known as ‘BloodOTPbot’ for $300 per month. Fraudsters can also spend an extra $20 to $100 on more phishing tools that target individual Instagram, Facebook, and Twitter accounts, as well as banking services like Paypal and Venmo and crypto platforms like Coinbase.
OTP bots are particularly nasty since they are usually the final part of the hacking process. After acquiring all vital personal information about the victim, often known as “the fullz” in hacker jargon. Hackers utilize the OTP bot to imitate an official phone call while also prompting the user’s crypto platform for their 2FA code. Hackers obtain immediate and total access to the victim’s account after the often-agitated user divulges the code.
For instance, a Maryland-based obstetrician Dr. Anders Agpar was the victim of such an attack. It is in which he received an “official-sounding phone call” as well as a series of banner notifications on his phone informing him that his Coinbase account was “at risk.”
Crypto Victim Recount
Specifically, Dr. Agpar found himself locked out of his own Coinbase account. It included around $106,000 in Bitcoin, after the revelation of his two-factor authentication (2FA) code over the phone.
OTP bot assaults are becoming more common, and they are costing both institutions and regular retail investors a significant amount of money. When it comes to extracting funds, the bots have a very high success rate.
In the past, furious consumers have criticised Coinbase’s customer care for being slow to respond to hacker complaints. Coinbase purchased an Indian AI startup. It established a phone line dedicated to dealing with account takeovers and associated threats. They attempt to enhance reaction times and client relations.
Coinbase will never call its customers without their permission. We advise everyone to be vigilant when providing information over the phone, said a Coinbase spokeswoman. If you get a call from someone alleging to be from a financial institution, don’t give out any account or security information. Alternatively, hang up and call them at the organization’s official phone number.
“The views and opinions on this Crypto News Website are solely those of the authors and contributors. These views and opinions do not necessarily represent those of iBaseTrading or its partners.”