Telekopye

Malware updated 7 days ago (2024-10-21T09:01:13.006Z)
Telekopye is malicious software (malware) that has been used by a group of cybercriminals referred to as "Neanderthals" for well-organized phishing campaigns. Since its inception in 2016, Telekopye has facilitated the creation of fraudulent links, web pages, QR codes, and convincing images, primarily via phishing emails, SMS messages, and suspicious downloads. The toolkit has been particularly effective at creating phony websites, enabling the Neanderthals to scam online marketplace users and, more recently, travelers in the hotel and apartment booking sector. The Russian hackers have used this custom malware in broad phishing attacks, operating it as a Telegram bot to scam marketplace users and defraud travelers. In addition, Telekopye operators use further bots for money laundering, market research scraping, and implementing DDoS protection. Notably, a surge in accommodation-themed scams in July 2024 surpassed Telekopye's original marketplace-targeted scams for the first time.

To combat the threats posed by Telekopye, cybersecurity firm ESET recommends being aware of the Neanderthals' tactics and exercising caution on affected platforms. Indicators of potential scams include suspicious links and requests for personal information. Using a reputable anti-malware solution is also strongly advised as protection against being lured to a phishing website. Despite these countermeasures, the Telekopye groups continue to refine their tools and operations, indicating an ongoing threat to online security.
Description last updated: 2024-10-21T08:31:38.724Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Phishing
Scams
ESET
Telegram
Scammer
Bot
Scam
Malware
Associated Threat Actors
Description: The Neanderthals Threat Actor is associated with Telekopye. Neanderthals, as named by ESET researchers, is a threat actor group that uses the Telekopye Toolkit to execute sophisticated phishing campaigns. These scammers are primarily recruited via advertisements distributed across various online channels, including underground forums. They employ deceptive t
Association Type: has used
Votes: 4