As the use of Multi-Factor Authentication (MFA) becomes more common, threat actors have been forced to focus on methods to circumvent the protection. One-time password (OTP) usage is a form of MFA in which a service sends a numerical code via email, SMS, or through an app like Google Authenticator. There has been a rise in new OTP interception bots aiming to intercept the one-time use password. The bots being used operate over Telegram as a paid service with monthly fees upwards of $300 for access.
While users of these bots are required to provide only limited information about the target, chances of success in stealing the credential increases as more information is provided. SMSRanger is very popular and very easy to use with users claiming a near 80% success rate when full information is provided to enrich the attack. SMSBuster is another that is a bit more difficult to use as it requires the attacker to engage in social engineering of their own, however, templates and scripts are provided to the attacker.