How Telegram Bots Pose Cyberthreats to Crypto Investors

Fraudsters use Telegram hacker bots to deceive crypto investors into disclosing their two-factor authentication codes, after which the accounts are blocked and emptied.

Using Vulnerabilities

Scammers use Telegram bots to fool users into providing access to their cryptocurrency accounts. A cybersecurity firm called Intel471 has reported on the dangers that one-time password (OTP) bots pose to the crypto industry. Intel471 claims that such bots are easy to use and inexpensive. A successful attack compromises the victim's personal security and pays off for the hackers, while their initial investment is insignificant.

BloodOTPbot is one service that poses such a threat to users. A monthly tariff that gives the fraudster access to users' personal information costs only $300. In addition to the classic tariff, such bots let hackers access private social networks like Facebook, Instagram, and Twitter. They can also get personal data from cryptocurrency exchanges if they pay $20-$100 extra. Coinbase, PayPal, and Venmo have also been recorded as being under threat.

How Does the Cyberattack Work?

The process of deceiving users is divided into several stages.

  1. All personal information about the potential victim is collected; in hacker lingo, this is known as "fullz."
  2. With the help of bots, a seemingly official call is made to confuse the victims and make them nervous about the security of their assets.
  3. Bots pressure users into sharing access to their cryptocurrency account, mainly their two-factor authentication (2FA) codes, so that the hackers receive all of the information.

CNBC reported an example of how the fraud works in real life. Dr. Anders Apgar, a Coinbase client, fell victim to this threat. He has been a blockchain investor for several years, and his account balance was over $106,000 when it was hacked during a robocall. In addition to the calls, the account owner received a banner with a notification that said: “Your account is in jeopardy.” Apgar decided not to ignore the message and instead passed on his 2FA code. The account was instantly blocked, and the crypto assets were stolen.

Even the Giants Are Vulnerable

Coinbase, a platform for trading, storing, and exchanging cryptocurrencies, has been repeatedly criticized by users for its lack of responsiveness to hacker attacks. To improve the situation, Coinbase bought an Indian startup and created a special telephone line to promptly respond to asset seizures and account takeovers.

A representative of the platform said that “Coinbase will never make unsolicited calls to its customers.” The company's specialists encourage users to be cautious when providing data over the phone and advise investors not to share any of their account details or security codes. An official phone number is listed on the organization’s website so that anybody can call it without much risk.