Fraudsters are using bots to drain cryptocurrency accounts
Fraudsters are targeting cryptocurrency account holders with Bots designed to steal two-factor authentication tokens and steal money from the compromised accounts. The bots contact the victims on the premise that an unauthorized transaction is occurring within their account and providing the victim with steps to stop the transfer, which includes proving they are the account holder by providing their 2FA code. The bot then automatically logs in as the victim, locks them out of their account, and initiates a transfer of crypto-assets out of the account. These attacks, which have bee used to target other non-crypto types of accounts are more impactful in the crypto domain given the irreversibility of the transactions.