BTC $63442.8276
ETH $3469.7477
BNB $414.4838
SOL $128.8578
XRP $0.6333
ADA $0.7553
DOGE $0.1556
AVAX $42.2817
DOT $9.6926
wstETH $4022.3454
TRX $0.1396
LINK $20.2249
WETH $3455.5461
MATIC $1.0912
UNI $12.3248
WBTC $63402.0644
BCH $454.1971
LTC $89.7149
IMX $3.2697
ICP $13.1197
FIL $10.0810
CAKE $3.2889
ETC $33.3804
LEO $4.7626
ATOM $12.4298
RNDR $7.5236
TON $2.6714
KAS $0.1683
HBAR $0.1120
INJ $39.9268
DAI $0.9998
OKB $57.5556
VET $0.0485
STX $3.0863
FDUSD $0.9998
WEMIX $2.8006
XLM $0.1364
NEAR $4.5218
PEPE $0.0000
XMR $146.1340
LDO $3.3155
GRT $0.3143
ARB $1.9894
THETA $2.3291
TIA $15.9776
ENS $21.4774
CRO $0.1387
BTC $63442.8276
ETH $3469.7477
BNB $414.4838
SOL $128.8578
XRP $0.6333
ADA $0.7553
DOGE $0.1556
AVAX $42.2817
DOT $9.6926
wstETH $4022.3454
TRX $0.1396
LINK $20.2249
WETH $3455.5461
MATIC $1.0912
UNI $12.3248
WBTC $63402.0644
BCH $454.1971
LTC $89.7149
IMX $3.2697
ICP $13.1197
FIL $10.0810
CAKE $3.2889
ETC $33.3804
LEO $4.7626
ATOM $12.4298
RNDR $7.5236
TON $2.6714
KAS $0.1683
HBAR $0.1120
INJ $39.9268
DAI $0.9998
OKB $57.5556
VET $0.0485
STX $3.0863
FDUSD $0.9998
WEMIX $2.8006
XLM $0.1364
NEAR $4.5218
PEPE $0.0000
XMR $146.1340
LDO $3.3155
GRT $0.3143
ARB $1.9894
THETA $2.3291
TIA $15.9776
ENS $21.4774
CRO $0.1387
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • A Mexican hacker stole over 350,000 euros from banking users all over the world.

    Smishing, fake websites, and remote access trojans all contributed to the wealthy fortune of the cunning criminal.

    From June 2021 to April 2023, a Mexican hacker known as "Neo Net" used malware for Android devices to launch numerous cyberattacks on banks across the globe, focusing on Spain and Chile. Paul Till, a security researcher, made this claim in a recent SentinelOne report that was co-published with VX-Underground.

    The primary technique used to spread the mobile virus was SMS phishing, or "smishing," in which the hacker used false reports of problems with their bank accounts to frighten his victims before redirecting them to phoney banking websites where they collected personal information about their targets.

    Paul Till said that phishing pages had several security features that were carefully configured using the PRIV8 panels, including blocking requests from desktop browsers and hiding pages from bots and web crawlers.

    These pages have been created with animations and other components to closely resemble actual banking applications, the researcher continued.

    Additionally, the hacker persuaded bank customers to install fake Android apps that looked like security software but actually requested access to SMS in order to intercept two-factor authentication (2FA) codes sent by the bank. These apps then asked for permission to access SMS after being installed.

    Till said, "Despite the use of relatively simple tools, Neo_Net has achieved a high degree of success by tailoring its infrastructure to specific purposes, which has resulted in the theft of more than 350 thousand euros from the victims' bank accounts and the compromise of personal data for thousands of them."

    Neo_Net is connected to a Mexican-born Hispanic assailant. He has established himself as a skilled cybercriminal by operating a Smishing-as-a-Service called Ankarex that targets numerous nations worldwide and selling phishing panels and stolen victim data to third parties.

    Since May 2022, the Ankarex platform has been operational. The hacker's Telegram channel, which has about 1,700 subscribers right now, actively promotes it.

    According to a SentinelOne expert, "the service itself is available at ankarex[.]net, and after registration, users can replenish their balance with cryptocurrency transfers and start their own Smishing campaigns, indicating the content of the SMS and phone numbers of the targets."

    It's interesting that news of Neo Net's activities broke right after ThreatFabric researchers published a report about a fresh attack by the Anatsa Trojan (also known as TeaBot), which has been targeting bank customers in the US, UK, Germany, Austria, and Switzerland since the beginning of March 2023.

    Author DeepWeb
    North Korean Genius Mysteries: North Korean Students Win International Hacking Competition in the United States
    Code red for the entire world: the TrueBot botnet's threat grows.

    Comments 0

    Add comment