
Cybercriminals Utilizing Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale


Nov 24, 2023 | Newsroom | Threat Analysis / Dark Web


More details have emerged about a malicious Telegram bot called Telekopye that is used by threat actors to pull off large-scale phishing scams.

“Telekopye can craft phishing websites, emails, SMS messages, and more,” ESET security researcher Radek Jizba said in a new analysis.

The threat actors behind the operation – codenamed Neanderthals – are known to run the criminal enterprise as a legitimate company, spawning a hierarchical structure that encompasses different members who take on various roles.

Once aspiring Neanderthals are recruited via advertisements on underground forums, they are invited to join designated Telegram channels that are used for communicating with other Neanderthals and keeping track of transaction logs.

The ultimate goal of the operation is to pull off one of the three types of scams: seller, buyer, or refund.


In the case of the former, Neanderthals pose as sellers and try to lure unwary Mammoths into purchasing a non-existent item. Buyer scams entail the Neanderthals masquerading as buyers so as to dupe the Mammoths (i.e., merchants) into entering their financial details to part with their funds.

Other scenarios fall into a category called refund scams wherein Neanderthals trick the Mammoths a second time under the pretext of offering a refund, only to deduct the same amount of money again.

Singapore-headquartered cybersecurity firm Group-IB previously told The Hacker News that the activity tracked as Telekopye is the same as Classiscam, which refers to a scam-as-a-service program that has netted the criminal actors $64.5 million in illicit income since its emergence in 2019.

“For the Seller scam scenario, Neanderthals are advised to prepare additional photos of the item to be ready if Mammoths ask for additional details,” Jizba noted. “If Neanderthals are using pictures they downloaded online, they are supposed to edit them to make image search more difficult.”


Choosing a Mammoth for a buyer scam is a deliberate process that takes into account the victim’s gender, age, experience in online marketplaces, rating, reviews, number of completed trades, and the type of items they are selling, indicating a preparatory stage that involves extensive market research.

Also used by Neanderthals are web scrapers to sift through online marketplace listings and pick an ideal Mammoth who is likely to fall for the bogus scheme.

Should a Mammoth prefer in-person payment and in-person delivery for sold goods, the Neanderthals claim “they are too far away or that they are leaving the city for a business trip for a few days,” while simultaneously demonstrating heightened interest in the item to increase the likelihood of success of the scam.

Neanderthals have also been observed using VPNs, proxies, and TOR to stay anonymous, while also exploring real estate scams wherein they create bogus websites with apartment listings and entice Mammoths into paying a reservation fee by clicking on a link that points to a phishing website.


“Neanderthals write to a legitimate owner of an apartment, pretending to be interested and ask for various details, such as additional pictures and what kind of neighbors the apartment has,” Jizba said.

“The Neanderthals then take all this information and create their own listing on another website, offering the apartment for rent. They cut the expected market price by about 20%. The rest of the scenario is identical to the Seller scam scenario.”

The disclosure comes as Check Point detailed a rug pull scam that managed to pilfer nearly $1 million by luring unsuspecting victims into investing in fake tokens and executing simulated trades to create a veneer of legitimacy.

“Once the token had sufficiently lured in investors, the scammer executed the final move – withdrawal of liquidity from the token pool, leaving token purchasers with empty hands and depleted funds,” the company said.
