Threat Actors Weaponize Telegram Bots to Compromise PayPal Accounts

A campaign is stealing one-time password tokens to gain access to PayPal, Apple Pay and Google Pay, among others.

Cybercriminals are using Telegram bots to steal one-time password tokens (OTPs) and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found.

Researchers from Intel 471 discovered the campaign, which has been operational since June, they said in a report published Wednesday.

“Two-factor authentication is one of the easiest ways for people to protect any online account,” researchers noted in the post. “So, of course criminals are trying to circumvent that protection.”

Threat actors are using Telegram bots and channels, along with a range of tactics that include calling victims and impersonating banks and legitimate services, to gain account information, researchers said.

Through social engineering, threat actors also deceive people into handing over an OTP or other verification code via a mobile device, which the crooks then use to steal money from the victims' accounts, they said.

“The ease by which attackers can use these bots can not be understated,” they wrote in the report. “While there’s some programming ability needed to create the bots, a bot user only needs to spend money

