That the but Telegram are potentially dangerous is certainly nothing new, but what was recently discovered by researchers at ESET managed to surprise security experts.
We are talking about bots that include a toolkit called telecopywhich facilitates the work of cybercriminals by generating fraudulent sites and pages, ideal in the context of campaigns phishing also very complex and refined.
According to the data collected, the main objectives of those who manage these tools are online sales platforms. Telekopye’s activities are apparently focusing mainly on the Russian market, with services such as OLX e YULA among the most affected. However, there is no shortage of cases in the West too, with platforms such as eBay e BlaBlaCar also victims of cybercriminals.
With Telekopye, cybercriminals have three tactics at their disposal
Telekopye is a very flexible tool, as it allows hackers to carry out three types of attacks against potential victims.
Buyers of the aforementioned digital stores can be deceived by creating a fake website and pushing them to pay for a phantom product. In this way, cybercriminals can collect the numbers of credit cards and other sensitive data.
The second method used is that of refunds. Hackers, by creating a fake site for specific requests, can collect data very easily. Finally, cybercriminals can also claim victims among sellers. In this sense, protesting for a defective productthe merchant is offered a link that should demonstrate the purchase, instead directing him to a malicious site.
To make everything even more disturbing is the fact that Telekopye is under development and, in the coming months, will probably be enriched with further functions. The bot’s developers, on the other hand, are advertising their creation on various forums in the Dark Web and, given its easy use, it could become quite common even among novice hackers.