A New Telekopye Bots That Tricks Users to Steal Payment Details


Phishing bots are a tool used by hackers to fool people into disclosing private information such as-

  • Login credentials
  • Financial details

With the help of these automated tools, threat actors easily create deceptive, harmful emails and websites, which makes it easier for them to take advantage of vulnerabilities and access accounts or systems without authorization.

Cybersecurity researchers at ESET recently unveiled Telekopye bots that trick users into stealing payment details.

New Telekopye Bots

Telekopye is a Telegram bot, and in online marketplaces, this sophisticated bot helps threat actors scam people.

This bot enables its operator to craft several malicious things for illicit purposes, and we have mentioned below a few of them:-

  • Phishing websites
  • Emails
  • SMS messages
Table of contents from onboarding materials (Source – Welivesecurity)

For online scams, through ads in various channels, especially underground forums, Telekopye recruits Neanderthals.

Applicants answer basic questions, and approval by high-ranking members grants full access. Neanderthals must join a communication group and a separate channel for transaction logs.

A New Telekopye Bots That Tricks Users to Steal Payment Details
Recruitment for a Telekopye scamming group (Source – Welivesecurity)

Besides this, there are two types of Neanderthal, and here we have mentioned them below:-

  • One contacts every Mammoth
  • The other one is  selective

Rivalry exists, as the cautious ones favor profit over reckless tactics for less public attention.

Scam prep varies by scenario. For Seller scams, Neanderthals should have extra item photos in case Mammoths ask. If using online pics, edit to avoid image searches. 

Document

Free Webinar

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked. The session will cover: an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Meanwhile, for buyer scams, Neanderthals carefully choose mammoths based on gender, age, online experience, ratings, reviews, and trade history.

A New Telekopye Bots That Tricks Users to Steal Payment Details
Neanderthals’ analysis of a typical buyer (Source – Welivesecurity)

In Buyer scams, Neanderthals target Mammoths based on item types—some skip electronics, others favor mobile devices.

Besides this, the manuals suggest items priced between:-

  • 1,000 to 30,000 rubles (€9.50 to €290 as of 20th October, 2023)

Neanderthals employ web scrapers to swiftly sift through online listings, targeting Mammoths for Buyer scams. They scrape marketplace data, focusing on ratings and experience, then use it to find susceptible targets.

Overcoming Mammoths’ preference for in-person transactions, Neanderthals persuade them to opt for online payment and delivery to a phishing site. They divert chats to less-monitored platforms, claiming inconvenience.

About 50% comply, and 20% fall for the scam, rendering a 10% success rate. Email or SMS delivery, using Telekopye for convincing phishing messages, is another favored method. Neanderthals use tricks to obtain Mammoths’ contact info without raising suspicion, avoiding red flags.

Telekopye skips AI for stealth, relying on Neanderthals’ communication expertise in scams. Delayed replies and adapting to Mammoth’s time zone create trust. 

Neanderthals share fake stories, weed out suspicious mammoths, and ensure payment in buyer scams. Language illusion involves Russian-speaking scammers with English proficiency.

However, the group implements strict rules to ensure anonymity, and here below, we have mentioned those:-

  • No info probing
  • VPNs
  • proxies
  • TOR use
  • Cryptocurrency preference

Researchers identified multiple groups operating Telekopye and affirmed that insights into Telekopye’s numerous groups offer valuable lessons to safeguard platform users.

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.



Source link