Sophisticated cyber criminal network exploits OTPs

May 13th – Since mid-2023, the Estate cyber crime group, operating out of the Netherlands, has orchestrated waves of ferocious cyber attacks that are executed via a combination of social engineering and one-time passcode (OTP) exploitation.

When a person (victim) inputs the OTP, attackers engage in crippling theft that can leave an individual permanently deprived of the funds in their bank account or retirement account. In turn, and unsurprisingly, this leads to hardship and suffering.

Estate’s operations explained

Estate’s strategy relies on a simple, yet devastatingly effective technique: intercepting one-time passcodes. The codes are designed to increase security via multi-factor authentication.

For a victim, the scam starts with a call, purportedly from a trusted entity, such as the PayPal security team, alerting the person to suspicious account activity. Urged to verify their identity, the victim unwittingly provides the six-digit OTP sent to their mobile device.

This code is actually for the phone’s SIM card. When a user verifies the code, the hackers automatically have control over the device.

Estate’s crumbling anonymity

As noted previously, this group has been in operation for some time. Until recently, experts were unable to determine where this cyber crime group was located, or more importantly, who was behind it.

But a newly discovered bug in Estate’s code has since exposed the group’s back-end data, presenting experts with information about its founder and members. Logs documenting each and every attack have also been retrieved.

Although Estate assured its own malware-as-a-service clients that all information concerning attacks was private, it turns out that Estate meticulously tracked every social engineering/SIM theft attempt, betraying the trust of its own clientele.

Relentless innovation

Estate has succeeded, in large part, because the attackers have been clever and innovative.

Their efforts reinforce the need to be proactive about cyber security, especially when it comes to upgrading cyber security architecture. As attacks evolve, your systems need to evolve too. Reevaluate your security set-up and reinvent where necessary. Explore the power of AI-powered, cloud-delivered solutions in elevating your prevention and defense mechanisms.

Estate’s criminal achievements also highlight the need to offer employees strong cyber security education and awareness programs. In the scam type described above, it was people who were ultimately responsible for enabling the attackers. As you know already, people can be either your weakest link or your strongest line of defense.

Get the full Estate story from TechCrunch.