+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 
  • Home
  • cryptocurrency
  • news»
  • Telegram is the crypto hackers’ newest playground — and they have automated the process

Telegram is the crypto hackers’ newest playground — and they have automated the process

BI India BureauFeb 17, 2022, 17:17 IST
Business Insider India
TelegramBusiness Insider
  • Cryptocurrency scammers are using bots on Telegram to con investors into giving up their one-time-passwords (OTPs).
  • The hackers use the OTPs to lock the original users out of their account and then steal their holdings.
  • The bots are available for sale on Telegram too for around $300 per month.
Advertisement
First they got into emails, then onto WhatsApp, and now Telegram is the latest playing field for cryptocurrency scammers. Bots on the messaging platform are being tasked with getting investors to reveal their two factor authentication, which is then being used by hackers to log into the account, lock out the original users and then clean the house.

Rather than having to socially engineer elaborate conversations over phone or messages, the OTP bots automate the entire process so that it can be done at scale. This means more attacks — and more victims.
Sign up and get free crypto worth ₹100
Sign Up
*Applicable for the first 1000 signups

The growing threat of Telegram bots


These bots normally parade around pretending to be a help channel, according to a report by digital threat detection firm Q6 Cyber. It highlights that, not only are bots a growing threat, but that the damage they inflict is difficult to quantify.

And, they’re for sale even if you’re not a coder. An investigation by Intel471 revealed that a user only needs to pay a monthly fee of $300 in order to obtain the authentication code required to operate one of these bots. For another $20 to $100, they could have access to live phishing panels, which come ready with a list of possible targets — like users that confirmed members of Coinbase.

While SMS- and phone-call-based OTP services are better than nothing, criminals have found ways to socially engineer their way around the safeguards.

Excerpt from a report by Intel471 dated September 2021

Crime-as-a-service


Advertisement
In July, last year, Indian crypto exchange ZebPay sent an alert out to its users warning them of a fake support group on Telegram trying to steal OTPs from users.


The automated process of stealing information for users has given birth to a new underground industry — crime as a service. For an engineer, he doesn’t need to get his hands dirty — just provide the bot. And, for a thief, they longer necessarily need to have the technical know-how to steal things online.

The creative ways in which hackers are trying to steal digital currencies is on the rise, even with the prices of tokens being in the doldrums since the start of the year.

SEE ALSO:
Russia-Ukraine conflict continues to play havoc on crypto prices
Tata Motors, Wipro, TCS, Nestle and other hot stocks on February 17
You are subscribed to notifications!
Looks like you've blocked notifications!
Latest Stories
Anil Ambani's Reliance Group sets up centre to helm 2030 growth strategy
Tomato prices falls over 22% in a month due to better supply
India to shift to 'smartphone era' for cars embracing 5G, advanced AI in 2025: Report
Jonathan Bailey confirms return to 'Bridgerton' for season four, production to begin next week
Dubai-based siblings to transfer jiohotstar.com domain to Reliance 'free of cost'
Trending News
Next Article
Next Story
Popular Categories
Trending Right Now

Copyright @ 2024. Times Internet Limited. All rights reserved.For reprint rights. Times Syndication Service.