Security News > 2021 > September > Threat Actors Weaponize Telegram Bots to Compromise PayPal Accounts
Cybercriminals are using Telegram bots to steal one-time password tokens and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found.
Threat actors are using Telegram bots and channels and a range of tactics to gain account information, including calling victims, and impersonating banks and legitimate services, researchers said.
Telegram bots have become a popular tool for cybercriminals, which have used them in various ways as part of user scams.
Other threat actors have been found using Telegram bots in a rather unique way as command-and-control for spyware.
Actors pay to access the bot and then can use it by entering commands, in a similar fashion to how bots are used on the widely used workforce collaboration platform Slack, they explained.
Upon calling a potential victim, an attackers follows a script to try to fool the target into providing info such as an ATM card PIN, credit card verification value or OTP. Researchers observed threat actors using SMS Buster against Canadian victims and their bank accounts, using both English and French to target people, they said.
News URL
https://threatpost.com/telegram-bots-compromise-paypal/175099/