Security News > 2023 > August > New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia
Dubbed Telekopye, a portmanteau of Telegram and kopye, the toolkit functions as an automated means to create a phishing web page from a premade template and send the URL to potential victims, codenamed Mammoths by the criminals.
The attack chains proceed thus: Neanderthals find their Mammoths and try to build rapport with them, before sending a bogus link created using the Telekopye phishing kit via email, SMS, or a direct message.
Telekopye is fully-featured, allowing its users to send phishing emails, generate web pages, send SMS messages, create QR codes, and create convincing images and screenshots of checks and receipts.
Rather than transferring money stolen from Mammoths to their own accounts, it's funneled to a shared account managed by the Telekopye administrator, giving the core team an oversight into the operations of each Neanderthal.
"Telekopye checks the Neanderthal's balance, final request is approved by the Telekopye administrator and, finally, funds are transferred to the Neanderthal's cryptocurrency wallet," Jizba said.
"In some Telekopye implementations, the first step, asking for a payout, is automated and the negotiation is initiated whenever a Neanderthal reaches a certain threshold of stolen money from successfully pulled off scams."
News URL
https://thehackernews.com/2023/08/new-telegram-bot-telekopye-powering.html
Related news
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Phishing scams and malicious domains take center stage as the US election approaches (source)
- AI and deepfakes fuel phishing scams, making detection harder (source)