CloudSEK Uncovers Threat Actors Exploiting OTP APIs for Widespread SMS Attacks

  • CloudSEK has detected automated scripts exploiting OTP verification APIs to execute large-scale SMS attacks, potentially causing service outages and multi-factor authentication fatigue.
  • Multiple GitHub repositories have revealed APIs that allow unlimited OTP SMS, posing an increased risk of API abuse and consequential damage to brands’ reputation and finances.
  • These discrete attacks could also mask illegitimate login attempts, impacting user notifications and potentially leading to account blocking due to constant OTP requests.
Join 2 million subscribers

A curated newsletter that summarizes the important news at the intersection of Global tech, India Tech and AI.

Delivered 8 AM. Daily.
nextbigwhat We would like to show you notifications for the latest news and updates.
Allow Notifications