Connect with us
Telegram bot SMSRanger helps cybercriminals steal one time passwords Telegram bot SMSRanger helps cybercriminals steal one time passwords

Security

Telegram bot SMSRanger helps cybercriminals steal one-time passwords

Published

on

Attackers use a bot to send automatic messages to people, allegedly on behalf of a bank, PayPal, etc.

Cybercriminals have armed themselves with a new, simplified attack tool based on scripts from the Telegram messenger that allows them to create bots to steal credentials with a one-time password, intercept control of user accounts and steal bank funds.

How reported experts from the information security company Intel 471, cybercriminals use a bot script called SMSRanger to send automatic messages to people, allegedly on behalf of a bank, PayPal or other popular financial applications.

Automatic messages prompt users to send One Time Password (OTP) codes along with other account information. If successful, Telegram bots collect codes, allowing hackers to bypass the bank’s OTP verification system, hack the user account and withdraw funds.

SMSRanger differs from other tools in its ease of use. The ability to specify numbers, goals and the company that the program will disguise as is quite simple, so the criminal only needs to know some basic script commands in Telegram. Because of this, the SMSRanger tool is popular not only among experienced cybercriminals, but also among relatively unskilled cybercriminals.

Once the target’s phone number has been entered, the bot does the rest of the work, according to experts, ultimately granting access to any successfully attacked account. Users claim that SMSRanger is about 80% effective if the victim answered the call and the information provided was accurate and new.

SMSRanger isn’t the only bot that uses easy-to-use scripting functions. Intel 471 also discovered the SMS Buster tool capable of stealing even more detailed account information such as credit card numbers and CVV codes.

Click to comment

Leave a Reply

Your email address will not be published.

Phones

Apple has reported a possible vulnerability in the operating systems of the iPhone and iPad

Published

on

Apple has reported a possible vulnerability in the operating systems

A vulnerability has been discovered in the operating systems of iPhones and iPads that could give hackers full administrative access to devices. It is in the core of the system and in the engine for displaying WebKit web pages. As noted, the problem has been fixed in the latest firmware versions.

Apple has reported a possible vulnerability in the operating systems of the iPhone and iPad

The media talked about this, and also said that some “anonymous researchers” helped discover the company’s vulnerability, but Apple did not disclose details.

As follows from the report, attackers could run applications with administrator privileges and act on behalf of the owner of the device. The issue affected iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). This affected the iOS 15.6.1 and iPadOS 15.6.1 operating systems.

The company’s technical support has already stated that the problem has been fixed, and independent experts have stated that they recommend updating the OS to the latest current version.

The full iOS 16 update will be released in September, and watchOS 9 for smartwatches is also expected. But the new version of iPadOS will appear later, like macOS Ventura.

Continue Reading

Security

NASA intends to “in full force” to investigate UFOs – this will be done by specialists in aerospace security and artificial intelligence

Published

on

NASA intends to in full force to investigate UFOs

NASA is seriously planning to do research on UFOs. The agency announced this in June, and now there are new details. The research will be led by astrophysicist David Spergel, president of the Simons Foundation in New York. The group will also include 15-17 of the world’s leading scientists, including aerospace security experts and artificial intelligence specialists.

NASA intends to

The formation of the group is planned to be completed by October. The project itself is designed for 9 months, and the cost of research will be about $100,000.

According to Daniel Evans, spokesman for the Agency’s Science Mission Directorate (SMD), NASA intends to study the phenomenon “in full force”. At the same time, the agency tries to avoid the term UFO, instead using the concept of “unidentified aerial phenomena” (UAP).

Evans noted that NASA has a unique opportunity for such work. He also stated that other agencies do not enjoy such public confidence. The aim of the project is to classify the available UAP data and find ways to monitor it.

Earlier, NASA launched a service that shows how the human voice sounds on Mars.

Continue Reading

Security

Is Elon Musk’s Satellite Internet Under Threat? Enthusiast Hacked Starlink User Terminal

Published

on

Is Elon Musks Satellite Internet Under Threat Enthusiast Hacked Starlink

At the Black Hat Security Technology Conference recently held in Las Vegas, Lennert Wouters, a cybersecurity specialist from KU Leuven (Belgium), shared his experience of successfully hacking Starlink user equipment. True, this was not a classic software hack, since the researcher had to make a so-called “modchip”.

Is Elon Musk's Satellite Internet Under Threat?  Enthusiast Hacked Starlink User Terminal

The cost of manufacturing a chip connected to a Starlink subscriber terminal was $25. The chip caused a short-term short circuit, which disabled the built-in protection systems, after which the specialist gained access to the terminal. And already from it you can run any commands.

Is Elon Musk's Satellite Internet Under Threat?  Enthusiast Hacked Starlink User Terminal

Our attack could render Starlink user terminals unusable and allow us to execute arbitrary code.”Wouters said.

Is Elon Musk's Satellite Internet Under Threat?  Enthusiast Hacked Starlink User Terminal

This is what the Starlink terminal looks like

According to the researcher, the only reliable way to avoid such an attack is to create a new version of the main “dish” chip. Other ways to fix the problem. However, this hacking option provides direct access to subscriber equipment, and this is not the easiest option, but the Starlink system, apparently, is well protected from remote hacking. So its users hardly need to worry.

Continue Reading

Most Popular