BTC $57054.0562
ETH $3243.0497
BNB $394.9600
SOL $108.4177
XRP $0.5865
stETH $3239.3493
ADA $0.6239
AVAX $39.2702
DOGE $0.0977
TRX $0.1428
wstETH $3750.7519
DOT $8.3691
LINK $19.0300
WETH $3348.6813
MATIC $1.0282
UNI $10.8579
WBTC $56903.9273
IMX $3.3452
ICP $13.0217
BCH $292.5040
LTC $74.0124
CAKE $3.1570
ETC $28.0992
LEO $4.3640
FIL $7.6578
KAS $0.1689
RNDR $7.2011
DAI $1.0000
ATOM $11.2097
HBAR $0.1082
INJ $40.1071
VET $0.0489
TON $2.1280
OKB $51.4855
FDUSD $0.9985
LDO $3.4670
STX $2.9465
XMR $135.8398
XLM $0.1230
ARB $1.8948
NEAR $3.9608
TIA $17.0031
WEMIX $2.3756
GRT $0.2795
ENS $22.1963
MKR $2154.9330
APEX $2.3329
BTC $57054.0562
ETH $3243.0497
BNB $394.9600
SOL $108.4177
XRP $0.5865
stETH $3239.3493
ADA $0.6239
AVAX $39.2702
DOGE $0.0977
TRX $0.1428
wstETH $3750.7519
DOT $8.3691
LINK $19.0300
WETH $3348.6813
MATIC $1.0282
UNI $10.8579
WBTC $56903.9273
IMX $3.3452
ICP $13.0217
BCH $292.5040
LTC $74.0124
CAKE $3.1570
ETC $28.0992
LEO $4.3640
FIL $7.6578
KAS $0.1689
RNDR $7.2011
DAI $1.0000
ATOM $11.2097
HBAR $0.1082
INJ $40.1071
VET $0.0489
TON $2.1280
OKB $51.4855
FDUSD $0.9985
LDO $3.4670
STX $2.9465
XMR $135.8398
XLM $0.1230
ARB $1.8948
NEAR $3.9608
TIA $17.0031
WEMIX $2.3756
GRT $0.2795
ENS $22.1963
MKR $2154.9330
APEX $2.3329
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • For $20,000 you can access the data of millions of Android users

    Kaspersky Lab experts report that $20,000 can be used to purchase a malicious application that a victim can download from the Google Play Store.

    Experts studied 9 darknet markets between 2019 and 2023 and found a lot of codes and services for sale to infect and hack users' devices through Google Play.

    In order to inject a malicious app into Google Play, cybercriminals need to buy a Play developer account at a price of $60 to $200 each. Once the account is purchased, the attacker will be able to use the malware downloader.

    Spyware in the Play Store can get Google's attention and result in the removal of the app and the developer's account. The downloader helps to avoid deletion - the program "hides" in a harmless-looking application (dropper) installed from Google Play, and at some point the downloader will install an update that contains malicious code that allows a hacker to steal data or money.

    The update may also request additional permissions to access the victim's files, and the application may refuse to run until the necessary privileges are granted. These tools are more expensive, ranging from $2,000 to $20,000, depending on the complexity and features required.

    According to Kaspersky Lab researchers, a trojanized application may also have debugger or sandbox detection features. If a suspicious environment is detected, the bootloader can stop its work or notify the cybercriminal that the malicious activity was probably noticed by information security specialists.

    Criminals who don't want to pay thousands of dollars for a downloader can pay significantly less - $50 to $100 - for a tethering service that hides a malicious APK file in a legitimate app. However, such a file has a lower installation success rate compared to downloaders.

    Other illegal services include VPS servers ($300) that allow hackers to redirect traffic or control infected devices, and web injectors ($25 to $80) that make sure victims visit selected websites on their infected devices and replaced these pages with malicious ones that steal credentials and other information.

    In addition, in order to increase the number of downloads of a malicious application and make it more attractive to other mobile users, scammers can buy installations at prices ranging from $0.1 to $1 per unit.

    To avoid falling prey to such applications, the researchers remind users not to install unknown applications and always check the required permissions to make sure that the program is not accessing more information than it needs to work. In addition, organizations are encouraged to protect developer accounts from hacking by using strong passwords and multi-factor authentication (MFA). It is also a good idea to monitor dark web forums for dumps of stolen credentials.

    Author DeepWeb
    FBI urges people not to charge their smartphones at the mall or at the airport
    New QBot Banking Trojan Operation Uses Compromised Business Emails as Entry Point

    Comments 0

    Add comment