So far, two Telegram bots called SMSRanger and BloodOTPbot have been found taking part in this malicious campaign.
Intel 471 researchers report that Telegram-powered bots are hot favorites among threat actors because they help them steal Telegram’s one-time passwords (OTPs) required in the two-factor authentication (2FA) process.
Researchers noted that there had been a sudden ‘uptick’ in the number of such services over the past few months as the variety of 2FA circumvention solutions is increasing.
Though 2FA security has emerged as a potent solution to protect our accounts, threat actors are eager to develop methods to exploit the OTPs and gain access to user accounts, either via social engineering or malware.
“While SMS- and phone-call-based OTP services are better than nothing, criminals have found ways to socially engineer their way around the safeguards,” researchers noted.
How Does 2FA Work?
For your information, the purpose of 2FA security is to authenticate a user’s identity before allowing them access to some service. This verification can take the form of one-time password (OTP) tokens, links, codes, or biometric markers, or simply require a tap on a physical