Hackers have started using bots to obtain one-time passwords, which allows them to effectively bypass two-factor authentication. This was reported to journalists by Igor Bederov, an expert at NTI SafeNet.
To bypass two-factor protection, attackers have started using OTP bots.
According to the expert, these bots mimic the process of entering a one-time password and are 40% more effective than traditional phishing. Bederov explained that the effectiveness of hacking accounts using such bots reaches 60%, while with phishing this figure is only 18%.
OTP bots can get onto users' devices through the download of malicious files. Bederov recommends using authenticator applications or hardware tokens to improve security.
Read more on the topic:
Fraudsters with fake documents are trying to deceive banks: a fraud scheme revealed
A "university" for training fraudsters was found on the Web by Sberbank security specialists
