A program to create a tailor-made phishing is circulating on channels of the Telegram application. These new kits dangerously simplify the hacking of personal data.
Cybercrime is on the way to commercialization. A phishing service open to everyone on Telegram was revealed by cybersecurity researchers from ESET, in a report published on August 24.
Called Telekopye, this tool makes it possible to design emails, fraudulent SMS and the malicious sites that go with them. Concretely, a budding hacker will find one of the channels dedicated to the creation of phishing. Telekopye works as a programmed bot to guide the cybercriminal through each step.
The criminal will, for example, start by choosing a product for sale on Amazon, Ebay, Alibaba, etc. He copies the ad link, then integrates it into the toolbox, which will take care of recreating a fake page duplicating the initial platform.
Once the decoy is in hand, the scammer can send it to his target. If the latter purchases the alleged product, the money will be transferred to the cybercriminals’ account. The same service also exists to create fake Blablacar profiles.
Similar offers allow sending phishing emails from a misleading address – “ [email protected] for example” – or fill in pre-written text messages with the service you want to impersonate. The victims of these fraudulent operations are called “Mammoths” by the crooks.
Commercialization of cybercrime on the rise
ESET cyber experts noticed that Telekopye was used on open channels on Telegram by “workgroups”. Several people try to launch campaigns or usurp a company from a diagram written from this tool.
Cybercriminals do not have direct access to the proceeds of their misdeeds. If the victim has given his bank details or paid money, the administrators will take care of recovering the winnings and laundering them with cryptocurrency. They will then pay a sum to the “customers” of Telekopye, in return for a commission. According to ESET, there is every reason to believe that this cybercriminal company is run from Russia.
” A sign of the professionalization of the criminal enterprise: Telekopye users and operators are organized in a clear hierarchy covering roles such as administrators, moderators and workers notes ESET.
This company also testifies to a simplification of cybercrime. Similar programs are becoming more and more widespread and end up looking like any other free service or software on the web. It should be remembered that article 226-18 of the Penal Code provides that ” collecting personal data by fraudulent, unfair or unlawful means is punishable by five years’ imprisonment and a fine of 300,000 euros. »
Subscribe for free to Artificials, our AI newsletter, designed by AIs, verified by Numerama!