So far, two Telegram bots, SMSRanger and BloodOTPbot, have been found taking part in this malicious campaign.
Intel 471 researchers report that Telegram-powered bots are a favorite of threat actors because they help them steal Telegram’s one-time passwords (OTPs) required in the two-factor authentication (2FA) process.
Researchers noted a sudden ‘uptick’ in the number of such services over the past few months as the variety of 2FA circumvention solutions increases.
Though 2FA security has emerged as a potent solution to protect our accounts, threat actors are eager to develop methods to exploit the OTPs and gain access to user accounts, either via social engineering or malware.
How Does 2FA Work?
For your information, the purpose of 2FA security is to authenticate a user’s identity before allowing them access to some service. This verification can take place in the form of one-time password or OTP tokens, links, codes, biometric markers, or simply require a tap on a physical