How Bots Help Hackers Steal Your Bank Details

Focus on your username and password. Hackers are able to get their hands on unsuspecting users. This is why cybersecurity experts recommend using different passwords for each site or using two-factor authentication, which requires the use of an additional method of logging into an account, such as an SMS, biometric sensor, or one-time password. Two factor recognition We need to ensure greater security by preventing hackers from accessing an account if they only have a password. Microsoft recently announced that it wants to produce Long-lost passwords.

Unfortunately, hackers can bypass this security system and gain more access Bank data They are victims and extract thousands of euros from them. ResearchersIntel 471 Since June the number of bots using the Telegram messaging service to provide security bypass services has increased. Used to control network bots and for cyber criminals to communicate with each other. “On these support channels, users share the successes associated with bot usage and frequent walks with thousands of dollars from victims’ accounts, ”the researchers explain.

BloodOTPbot and SMSRanger

In their report, the researchers focused specifically on two bots: SMSRanger and BloodOTPbot. The interface and controls of SMS Ranger are very similar to how the Slack collaboration communication platform works, which is easy for newbies to use. You can use it to target PayPal, Google Play or even Apple Bay. BloodOTPbot is an SMS based bot. It can make automatic calls by pretending to be a bank and ask users to provide one-time passwords to access their account.

Although programming knowledge is required to create bots, it is much easier than creating malware. In addition, telegram bots can be rented already built-in, which makes it even easier for training hackers.

“Some forms of two-factor authentication of these bots show that they have their own security risks,” warns Intel 471 researchers. Security measures. “

Finally, banks need to remember that they do not ask their members for passwords by phone, SMS or email. If you encounter calls or messages asking for passwords, this is definitely a scam.