The Netherlands Police have arrested a 21-year-old man from Dordrecht suspected of selling access to the JokerOTP phishing automation tool. This tool is capable of intercepting one-time passwords (OTP) to hijack user accounts. The arrest is part of a three-year investigation that led to the dismantling of the JokerOTP phishing-as-a-service operation in April 2025, according to a recent report by Bleeping Computer.The arrested suspect is the third individual apprehended in connection with JokerOTP. Authorities previously arrested the platform's developer and a co-developer. The JokerOTP service allegedly caused at least $10 million in financial losses through over 28,000 attacks targeting users in 13 countries. The seller used a Telegram account to advertise access to the platform via license keys. Subscribers could configure the tool to automate calls to victims, posing as legitimate service representatives, and trick them into revealing OTPs. This sophisticated scam targeted users of services like PayPal, Venmo, Coinbase, Amazon, and Apple.Users are advised to remain vigilant against social engineering tactics, check for data breaches on services like Have I Been Pwned, and report suspicious activities to prevent further exploitation.Source: Bleeping Computer
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




