BTC $55865.7639
ETH $3222.4858
BNB $400.6682
SOL $110.6842
XRP $0.5548
ADA $0.6230
AVAX $39.2767
DOGE $0.0896
TRX $0.1404
wstETH $3751.1765
LINK $19.0474
DOT $8.0594
WETH $3236.9354
MATIC $1.0625
UNI $10.5983
WBTC $55965.3668
IMX $3.3901
ICP $13.0143
BCH $300.6764
LTC $74.8911
CAKE $3.2355
FIL $8.1517
ETC $28.1561
RNDR $7.4096
KAS $0.1718
DAI $0.9979
HBAR $0.1117
ATOM $11.3293
VET $0.0491
INJ $36.5642
TON $2.1072
OKB $51.3395
LDO $3.5443
FDUSD $1.0015
STX $3.0723
ARB $1.9162
NEAR $4.0168
XMR $131.7677
TIA $17.0755
XLM $0.1186
GRT $0.2823
ENS $22.2643
THETA $2.1117
MKR $2155.4331
WEMIX $2.1023
APEX $2.4575
BEAM $0.0357
BTC $55865.7639
ETH $3222.4858
BNB $400.6682
SOL $110.6842
XRP $0.5548
ADA $0.6230
AVAX $39.2767
DOGE $0.0896
TRX $0.1404
wstETH $3751.1765
LINK $19.0474
DOT $8.0594
WETH $3236.9354
MATIC $1.0625
UNI $10.5983
WBTC $55965.3668
IMX $3.3901
ICP $13.0143
BCH $300.6764
LTC $74.8911
CAKE $3.2355
FIL $8.1517
ETC $28.1561
RNDR $7.4096
KAS $0.1718
DAI $0.9979
HBAR $0.1117
ATOM $11.3293
VET $0.0491
INJ $36.5642
TON $2.1072
OKB $51.3395
LDO $3.5443
FDUSD $1.0015
STX $3.0723
ARB $1.9162
NEAR $4.0168
XMR $131.7677
TIA $17.0755
XLM $0.1186
GRT $0.2823
ENS $22.2643
THETA $2.1117
MKR $2155.4331
WEMIX $2.1023
APEX $2.4575
BEAM $0.0357
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • A Mexican hacker stole over 350,000 euros from banking users all over the world.

    Smishing, fake websites, and remote access trojans all contributed to the wealthy fortune of the cunning criminal.

    From June 2021 to April 2023, a Mexican hacker known as "Neo Net" used malware for Android devices to launch numerous cyberattacks on banks across the globe, focusing on Spain and Chile. Paul Till, a security researcher, made this claim in a recent SentinelOne report that was co-published with VX-Underground.

    The primary technique used to spread the mobile virus was SMS phishing, or "smishing," in which the hacker used false reports of problems with their bank accounts to frighten his victims before redirecting them to phoney banking websites where they collected personal information about their targets.

    Paul Till said that phishing pages had several security features that were carefully configured using the PRIV8 panels, including blocking requests from desktop browsers and hiding pages from bots and web crawlers.

    These pages have been created with animations and other components to closely resemble actual banking applications, the researcher continued.

    Additionally, the hacker persuaded bank customers to install fake Android apps that looked like security software but actually requested access to SMS in order to intercept two-factor authentication (2FA) codes sent by the bank. These apps then asked for permission to access SMS after being installed.

    Till said, "Despite the use of relatively simple tools, Neo_Net has achieved a high degree of success by tailoring its infrastructure to specific purposes, which has resulted in the theft of more than 350 thousand euros from the victims' bank accounts and the compromise of personal data for thousands of them."

    Neo_Net is connected to a Mexican-born Hispanic assailant. He has established himself as a skilled cybercriminal by operating a Smishing-as-a-Service called Ankarex that targets numerous nations worldwide and selling phishing panels and stolen victim data to third parties.

    Since May 2022, the Ankarex platform has been operational. The hacker's Telegram channel, which has about 1,700 subscribers right now, actively promotes it.

    According to a SentinelOne expert, "the service itself is available at ankarex[.]net, and after registration, users can replenish their balance with cryptocurrency transfers and start their own Smishing campaigns, indicating the content of the SMS and phone numbers of the targets."

    It's interesting that news of Neo Net's activities broke right after ThreatFabric researchers published a report about a fresh attack by the Anatsa Trojan (also known as TeaBot), which has been targeting bank customers in the US, UK, Germany, Austria, and Switzerland since the beginning of March 2023.

    Author DeepWeb
    North Korean Genius Mysteries: North Korean Students Win International Hacking Competition in the United States
    Code red for the entire world: the TrueBot botnet's threat grows.

    Comments 0

    Add comment