- CloudSEK has detected automated scripts exploiting OTP verification APIs to execute large-scale SMS attacks, potentially causing service outages and multi-factor authentication fatigue.
- Multiple GitHub repositories have revealed APIs that allow unlimited OTP SMS, posing an increased risk of API abuse and consequential damage to brands’ reputation and finances.
- These discrete attacks could also mask illegitimate login attempts, impacting user notifications and potentially leading to account blocking due to constant OTP requests.
Menu
