Telegram infected with bots attempting to recover one-time passwords

by Kelvin
Telegram infected with bots attempting to recover one-time passwords

Be careful if you are dealing with a bot on the Telegram instant messaging service. These can be a gateway to a phishing attempt, paving the way for various malicious and fraudulent uses of your data, and other consequences, including salty financial ones. Intel 471 researchers have thus unveiled an upsurge in bots on Telegram.

If, at first glance, a bot does not necessarily constitute a threat but generally a help for the user, for example in the case of the chatbot to quickly answer basic questions about a service, those present on Telegram should be watched. This is especially true, according to Intel researchers, for bots dubbed “SMSRanger” and “BloodOTPbot”. According to Intel 471 researchers, the threat has been growing on Telegram since last June.

Everything is intended to fool you: the interface of SMSRanger, for example, takes on a similar appearance to that of the corporate social network Slack. This bot is also very interested in your data Apple Pay, PayPal or Google Play, depending on. BloodOTPbot is able to act via SMS, but also to generate calls similar to those of bank employees. Telegram is, according to the researchers, used as well for creating and managing malicious bots as for communicating between cybercriminals to resell the hacked data and congratulate each other on the success of their bots.