Android Phishing Forms for Sale on Cybercrime Market: Over 1,800 Web Injects Available

A threat actor named InTheBox is offering 1,894 web injects for sale on Russian cybercrime forums. These web injects are designed to steal credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps. The overlays are compatible with various Android banking malware and mimic apps operated by major organizations used in dozens of countries on almost all continents. The low prices of the web injects allow cybercriminals to focus on other parts of their campaigns, such as the development of the malware, and to widen their attack to other regions. Mobile banking trojans check what apps are present on an infected device and pull from the command and control server the web injects corresponding to the apps of interest. When the victim launches a target app, the malware automatically loads the overlay that mimics the interface of the legitimate product. InTheBox provides up-to-date injects for hundreds of apps, and also sells web injects individually for $30 each. The shop also allows users to order custom injects for any malware. InTheBox's web inject packages include app icon PNGs and an HTML file with JavaScript code that collects the victims credentials and other sensitive data. In most cases, the injects feature a second overlay that requests the user to enter credit card numbers, expiration dates, and CVV numbers. The stolen data is converted into string value and sent to a server controlled by the operator of the Android banking trojan. InTheBox has been selling web injects for Android malware since February 2020, and has been used by the Coper and the Alien Android trojans in 2021 and September 2022, respectively, while the most recent campaign occurred in January 2023 and targeted Spanish banks.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 01 Feb 2023 22:32:03 +0000


Cyber News related to Android Phishing Forms for Sale on Cybercrime Market: Over 1,800 Web Injects Available

Android Phishing Forms for Sale on Cybercrime Market: Over 1,800 Web Injects Available - A threat actor named InTheBox is offering 1,894 web injects for sale on Russian cybercrime forums. These web injects are designed to steal credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps. The overlays are ...
1 year ago Bleepingcomputer.com
The New Cybercrime Atlas: A Collaborative Approach to Fighting Digital Crime - The global transition to the digital economy means that the operations of governments, critical infrastructures, businesses, and individuals are now a tightly integrated system of interconnected resources. Cybercrime presents a significant risk to ...
10 months ago Feeds.fortinet.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
10 months ago Techrepublic.com
InTheBox Threat Actor Selling Over 1,800 Web Injects on Cybercrime Forums - Over 1,800 web injects are for sale on Russian cybercrime forums by a threat actor called InTheBox. These phishing windows are meant to steal credentials from banking, cryptocurrency exchange, and e-commerce apps by imitating widely-used software, ...
1 year ago Heimdalsecurity.com
German police takes down Kingdom Market cybercrime marketplace - The Federal Criminal Police Office in Germany and the internet-crime combating unit of Frankfurt have announced the seizure of Kingdom Market, a dark web marketplace for drugs, cybercrime tools, and fake government IDs. The law enforcement operation ...
1 year ago Bleepingcomputer.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
11 months ago Helpnetsecurity.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
CMMC v2.0 vs NIST 800-171: Understanding the Differences - The NIST SP 800-171 lays out the requirements for any non-federal agency that handles controlled unclassified information, or other sensitive federal information. DFARS does not address the CMMC at all but a new clause is currently being drafted for ...
11 months ago Securityboulevard.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
10 months ago Gbhackers.com
Telegram is a Wide-Open Marketplace for Phishing Tools - The encrypted messaging app Telegram has become a veritable marketplace for bad actors who want to launch effective phishing campaigns on the cheap, essentially democratizing the cyberthreat, according to researchers at cybersecurity firm Guardio. ...
10 months ago Securityboulevard.com
US charged 19 suspects linked to xDedic cybercrime marketplace - The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. An international operation ...
11 months ago Bleepingcomputer.com
Revenue from Darknet Markets Dropped to 13 Billion in 2022 - The amount of money earned by darknet markets decreased from $2.6 billion in 2021 to $1.3 billion in 2022, according to a new study. Researchers from blockchain analysis firm Chainalysis attributed much of the decline to the closure of Hydra Market, ...
1 year ago Therecord.media
UN Cybercrime Convention: Tight Timeframe to Create New Global Approach to Combat Cybercrime - Cybercrime is a growing problem that affects nearly all of the world's nearly 200 nation-states. From ransomware attacks to rampant cryptocurrency theft, criminal exploitation of borderless digital systems threatens global economic security and the ...
1 year ago Csoonline.com
Telegram Emerges as Hub for Cybercrime, Phishing Attacks as Cheap as $230 - Cybersecurity experts raise alarms as Telegram becomes a hotspot for cybercrime, fueling the rise of phishing attacks. In a recent development, cybersecurity researchers shed light on the democratization of the phishing landscape, courtesy of ...
10 months ago Cysecurity.news
Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation and Information Sharing - As we reflect on 2022, we've seen that malicious actors are constantly coming up with new ways to weaponize technologies at scale to cause more disruption and devastation. The dangers are showing up everywhere - and more frequently. The volume and ...
1 year ago Securityweek.com
Prioritizing cybercrime intelligence for effective decision-making in cybersecurity - In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Our discussion will cover a range of essential aspects, from the importance of continuous ...
10 months ago Helpnetsecurity.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
7 months ago Hackread.com
Over 800 Phony "Temu" Domains Lure Shoppers into Credential Theft - Stay alert against Temu phishing scams: Cybersecurity experts warn of scammers using fake giveaways to steal credentials. Over 800 new 'Temu' domains registered in the past 3 months. Temu is the latest brand chosen by scammers for their phishing ...
10 months ago Hackread.com
Incognito Darknet Market Mass-Extorts Buyers, Sellers - Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ...
9 months ago Krebsonsecurity.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
9 months ago Cyberdefensemagazine.com
The old, not the new: Basic security issues still biggest threat to enterprises - Attacks on critical infrastructure reveal industry faux pas. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure. X-Force analysis ...
9 months ago Helpnetsecurity.com
Police takes down BulletProftLink large-scale phishing provider - The notorious BulletProftLink phishing-as-a-service platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. The operation started in 2015 but came to researchers' radar later and became more ...
1 year ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
10 months ago Darkreading.com
China's biggest lender ICBC hit by ransomware attack - Industrial and Commercial Bank of China Ltd Nov 10 - The Industrial and Commercial Bank of China's U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Thursday, the latest in a string of victims ...
1 year ago Reuters.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)