BTC $56772.0455
ETH $3229.2692
BNB $393.0365
SOL $106.6536
stETH $3224.6597
XRP $0.5621
ADA $0.6137
AVAX $38.6261
DOGE $0.0960
TRX $0.1415
wstETH $3753.2551
DOT $8.0619
LINK $18.8685
WETH $3222.5827
MATIC $1.0217
UNI $10.5943
WBTC $56672.8182
IMX $3.2827
ICP $12.8638
BCH $296.0952
LTC $73.4211
CAKE $3.1049
LEO $4.3751
ETC $27.6986
FIL $7.7121
KAS $0.1681
RNDR $7.1714
DAI $0.9992
HBAR $0.1085
ATOM $10.9103
INJ $37.3719
VET $0.0480
TON $2.1032
OKB $51.5043
FDUSD $1.0007
LDO $3.4620
STX $3.0518
XMR $133.5710
ARB $1.8885
XLM $0.1189
GRT $0.2844
TIA $16.9400
NEAR $3.9210
ENS $21.6903
MKR $2126.5962
WEMIX $2.0704
APEX $2.3723
BTC $56772.0455
ETH $3229.2692
BNB $393.0365
SOL $106.6536
stETH $3224.6597
XRP $0.5621
ADA $0.6137
AVAX $38.6261
DOGE $0.0960
TRX $0.1415
wstETH $3753.2551
DOT $8.0619
LINK $18.8685
WETH $3222.5827
MATIC $1.0217
UNI $10.5943
WBTC $56672.8182
IMX $3.2827
ICP $12.8638
BCH $296.0952
LTC $73.4211
CAKE $3.1049
LEO $4.3751
ETC $27.6986
FIL $7.7121
KAS $0.1681
RNDR $7.1714
DAI $0.9992
HBAR $0.1085
ATOM $10.9103
INJ $37.3719
VET $0.0480
TON $2.1032
OKB $51.5043
FDUSD $1.0007
LDO $3.4620
STX $3.0518
XMR $133.5710
ARB $1.8885
XLM $0.1189
GRT $0.2844
TIA $16.9400
NEAR $3.9210
ENS $21.6903
MKR $2126.5962
WEMIX $2.0704
APEX $2.3723
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • For $20,000 you can access the data of millions of Android users

    Kaspersky Lab experts report that $20,000 can be used to purchase a malicious application that a victim can download from the Google Play Store.

    Experts studied 9 darknet markets between 2019 and 2023 and found a lot of codes and services for sale to infect and hack users' devices through Google Play.

    In order to inject a malicious app into Google Play, cybercriminals need to buy a Play developer account at a price of $60 to $200 each. Once the account is purchased, the attacker will be able to use the malware downloader.

    Spyware in the Play Store can get Google's attention and result in the removal of the app and the developer's account. The downloader helps to avoid deletion - the program "hides" in a harmless-looking application (dropper) installed from Google Play, and at some point the downloader will install an update that contains malicious code that allows a hacker to steal data or money.

    The update may also request additional permissions to access the victim's files, and the application may refuse to run until the necessary privileges are granted. These tools are more expensive, ranging from $2,000 to $20,000, depending on the complexity and features required.

    According to Kaspersky Lab researchers, a trojanized application may also have debugger or sandbox detection features. If a suspicious environment is detected, the bootloader can stop its work or notify the cybercriminal that the malicious activity was probably noticed by information security specialists.

    Criminals who don't want to pay thousands of dollars for a downloader can pay significantly less - $50 to $100 - for a tethering service that hides a malicious APK file in a legitimate app. However, such a file has a lower installation success rate compared to downloaders.

    Other illegal services include VPS servers ($300) that allow hackers to redirect traffic or control infected devices, and web injectors ($25 to $80) that make sure victims visit selected websites on their infected devices and replaced these pages with malicious ones that steal credentials and other information.

    In addition, in order to increase the number of downloads of a malicious application and make it more attractive to other mobile users, scammers can buy installations at prices ranging from $0.1 to $1 per unit.

    To avoid falling prey to such applications, the researchers remind users not to install unknown applications and always check the required permissions to make sure that the program is not accessing more information than it needs to work. In addition, organizations are encouraged to protect developer accounts from hacking by using strong passwords and multi-factor authentication (MFA). It is also a good idea to monitor dark web forums for dumps of stolen credentials.

    Author DeepWeb
    FBI urges people not to charge their smartphones at the mall or at the airport
    New QBot Banking Trojan Operation Uses Compromised Business Emails as Entry Point

    Comments 0

    Add comment