How bots help hackers steal your bank details

0


Focus on your username and password. Hackers can get their hands on unsuspecting users. This is why cybersecurity experts recommend using different passwords for each site or using two-factor authentication, which requires the use of an additional method of logging into an account, such as texting, a biometric sensor or a one-time password. Two-factor recognition We need to ensure greater security by preventing hackers from accessing an account if they only have a password. Microsoft recently announced its intention to produce Long lost passwords.

Unfortunately, hackers can bypass this security system and gain more access. Bank data They are victims and extract thousands of euros from them. ResearchersIntel 471 Since June, the number of bots using the Telegram messaging service to provide security bypass services has increased. Used to control network bots and for cybercriminals to communicate with each other. “On these support channels, users share the successes associated with using bots and frequent walks with thousands of dollars from victim accounts,” the researchers explain.

BloodOTPbot and SMSRanger

In their report, the researchers focused specifically on two bots: SMSRanger and BloodOTPbot. The interface and controls of SMS Ranger are very similar to how the Slack collaborative communication platform works, which is easy to use for beginners. You can use it to target PayPal, Google Play or even Apple berry. BloodOTPbot is an SMS based bot. It can make automatic calls pretending to be a bank and require users to provide one-time passwords to access their account.

While programming knowledge is needed to create bots, it is much easier than creating malware. In addition, telegram robots can be rented already integrated, which further facilitates the training of hackers.

“Some forms of two-factor authentication of these bots show that they have their own security risks,” warn researchers at Intel 471. Security measures. “

Finally, banks should remember that they do not ask their members for passwords by phone, text or email. If you come across any calls or messages asking for passwords, this is definitely a scam.


Leave A Reply

Your email address will not be published.