A group of cybercriminals known as Neanderthals has been identified as the perpetrator of large-scale phishing scams in online marketplaces. The group uses a malicious Telegram bot called Telekopye to carry out its fraudulent activities. This article describes their tactics and strategies and offers recommendations for protecting against these threats.

Description

Neanderthals recruit new members through advertisements in underground forums [1] [7], requiring them to fill out an application [7]. Once approved [7], these members gain access to Telekopye, which serves as a tool for carrying out various scams. The scams include seller scams, buyer scams [1] [2] [3] [4] [6] [7] [11] [13], and refund scams [2] [3] [4] [5] [6] [7] [8] [11] [12] [13] [14].

In seller scams [1] [2] [3] [4] [7], Neanderthals pose as sellers and deceive buyers into purchasing non-existent items through phishing websites [7]. In buyer scams [1] [3] [4] [6] [7], they masquerade as buyers and convince sellers to click on phishing links to receive payment [7]. Refund scams involve sending phishing emails to individuals who are expecting a refund [7].

To enhance their scams, Neanderthals have accumulated knowledge and created internal documentation [7]. They also conduct market research to select their targets based on factors such as gender [7], age [6] [7], and income [7]. Web scrapers are utilized to quickly identify potential victims in online marketplaces.

Telekopye activity is linked to Classiscam, a scam-as-a-service program that has generated $64.5 million in profits since 2019 [2] [3] [5] [8] [12] [14]. Neanderthals employ various tactics to maintain anonymity, including the use of VPNs, proxies [2] [3] [4] [5] [6] [8] [11] [12] [13] [14], and Tor [2] [3] [4] [5] [6] [8] [11] [12] [13] [14]. They have also been involved in a rug pull scam [4], in which victims are enticed to invest in fake tokens and subsequently experience financial losses.

Furthermore, Neanderthals utilize the Telekopye bot to create convincing phishing websites, emails [1] [2] [3] [4] [6] [7] [8] [9] [10] [11] [12] [13] [14], SMS messages [2] [3] [4] [6] [8] [9] [10] [11] [12] [13] [14], and more. They recruit members through underground forums and provide access to specific Telegram channels for communication and monitoring [6] [11] [13]. Additionally, they engage in real estate fraud by creating fake apartment listings [2] [3] [6] [8] [11] [12] [13].

Conclusion

To protect against these threats [4], businesses and individuals should prioritize vigilance and implement measures such as multi-factor authentication and careful review of online transactions [4]. It is crucial to remain cautious and skeptical when engaging in online marketplaces, especially when dealing with unfamiliar sellers or buyers. By staying informed and taking proactive steps to safeguard personal information, we can mitigate the risks posed by cybercriminals like the Neanderthals.

References

[1] https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-dives-into-the-onboarding-and-scamming-processes-of-telekopye-online-fraudsters/
[2] https://owasp.or.id/2023/11/24/cybercriminals-using-telekopye-telegram-bot-to-craft-phishing-scams-on-a-grand-scale/
[3] https://osintcorp.net/cybercriminals-using-telekopye-telegram-bot-to-craft-phishing-scams-on-a-grand-scale/
[4] https://www.varutra.com/ctp/threatpost/postDetails/Neanderthals-Exploit-Telegram-Bot-%22Telekopye%22-for-Large-Scale-Phishing-Scams/bFVYZmZNa040WVJ4TWlOSTZWUDFLQT09/
[5] https://ciso2ciso.com/cybercriminals-using-telekopye-telegram-bot-to-craft-phishing-scams-on-a-grand-scale-sourcethehackernews-com/
[6] https://www.canindia.com/hackers-using-telegram-bot-to-pull-off-large-scale-phishing-scams-report/
[7] https://www.welivesecurity.com/en/eset-research/telekopye-chamber-neanderthals-secrets/
[8] https://thehackernews.com/2023/11/cybercriminals-using-telekopye-telegram.html
[9] https://cyber.vumetric.com/security-news/2023/11/24/cybercriminals-using-telekopye-telegram-bot-to-craft-phishing-scams-on-a-grand-scale/
[10] https://www.hackread.com/telekopye-toolkit-telegram-bot-marketplace-scam/
[11] https://www.sakshipost.com/news/hackers-using-telegram-bot-pull-large-scale-phishing-scams-report-250735
[12] https://jn66dataanalytics.com/news/cybercriminals-using-telekopye-telegram-bot-to-craft-phishing-scams-on-a-grand-scale-the-hacker-news
[13] https://theshillongtimes.com/2023/11/26/hackers-using-telegram-bot-to-pull-off-large-scale-phishing-scams-report/
[14] https://patabook.com/technology/2023/11/24/cybercriminals-using-telekopye-telegram-bot-to-craft-phishing-scams-on-a-grand-scale/