Bypassing With Bots: How Adversaries Use Automated Services to Sidestep OTPs Oct. 2023

Not all passwords are created equal. They may range from silly to scure, but one thing they have in common is that they’re the gateway into sensitive information. The good news is that tools like multi-factor authentication (MFA) and one-time passwords (OTP) have made it more complicated for cybercriminals to take over accounts with access to only one simple username and password. Or have they?

As always, the cyber underground has responded to these blockers and emerged with a new paid service that circumvents OTPs. These services leverage social engineering techniques and launch automated, tailored campaigns from subscription-based Discord and Telegram channels.

Join Intel 471 as we assess how this recent trend was developed and share more about the motivations behind the threat actors using and creating these automated services.

Our presentation will cover:

- Intel collected on the OTP bypass business model

- Details on the technical skills required by threat actors to build the bots

- Facts about the tactics, techniques and procedures employed by users and creators alike

This talk is designed to help you become familiar with what an OTP bypass operation looks like from start to finish, and give you the knowledge to detect and mitigate a growing threat in the underground.