On 10 February 2026, Dutch police arrested a 21-year-old man from Dordrecht as part of an ongoing cybercrime investigation led by Team Cybercrime East Brabant, marking the third arrest in the case.
The suspect is accused of selling the so-called “JokerOTP” bot via a Telegram account and possessing license keys for the software, which was allegedly used by criminals to intercept one-time passwords (OTPs).
Earlier arrests in April and August 2025 targeted the developer and co-developer of the tool. According to authorities, the bot enabled attackers to automate phone calls to victims, impersonate legitimate organizations, and trick individuals into entering temporary authentication codes, allowing criminals to bypass two-factor authentication and compromise accounts.
Police say dozens of Dutch buyers of the tool have been identified and may face prosecution, emphasizing that purchasing or knowingly using software designed for fraud can itself constitute a criminal offense.
