With the growth in cryptocurrencies and use cases, there has been a rise in cybercriminals trying to gain access to the crypto holdings of others. Hackers use different tricks daily to steal cryptocurrencies from their holders.
One of the newest techniques is using Telegram bots. Crypto platforms use telegram bots, especially in the verification process for airdrops.
Hackers have noticed that crypto enthusiasts trust these bots and now use them to their advantage. For example, they use the One-Time Password (OTP) bot to trick people into giving them access to their crypto exchange accounts. Getting this type of bot is relatively easy and affordable. One of these Telegram bots is called "BloodOTPbot," which costs $300 monthly. It also has an additional option to offer hackers tools on other networks like Twitter and Facebook.
Usually, the OTP bots do not work alone. Hackers tend to use other tools to gather necessary data of their potential victims. Major crypto exchanges have the OTP or 2FA feature that asks for a code when an account wants to be accessed. With the OTP bot, the hacker tries to convince a user to release the 2FA Code. Usually, it starts with arranging a regular call to their potential victim while they request the 2FA code. Typically, their victim may think that if the code is not released, they may lose their account and the crypto holdings. Out of fear, they release the code to the hackers, who then empty the user's account.
This attack is becoming common as people lose their crypto holdings to hackers, and the OTP bot is just one of the tools that cybercriminals use.