The California-based cybersecurity firm Resecurity has discovered a brand-new Dark Web marketplace that serves mobile malware developers and operators. Presented below is an overview of the firm’s findings.
What is “In The Box”?
According to Resecurity’s cybersecurity researchers, the new marketplace, called “In The Box” has been available for scammers and cybercriminals on the TOR network since at least early May 2020.
Since then, the marketplace has evolved into a full-fledged cybercrime services facilitator and has become the Dark Web’s largest marketplace, given the many unique tools and WEB-injects up for sale. Cybercriminals can use these tools for online banking and financial fraud, including theft.
Why Web-Injects Are in Demand?
Web-injects are similar to the Man in the Browser attacks. The difference is that these attacks previously worked on PCs using malware like SpyEye, Zeus, and Gozi, whereas threat actors have now learned to apply the same approach to mobile devices.
Web-injects successfully extract sensitive financial data because digital payments are interconnected with mobile apps. Web-injects can be integrated into mobile malware for intercepting banking credentials, social media login details, payment systems, email credentials, etc.
That’s not all. These tools can also collect sensitive data such as credit card info, phone number, personally identifiable information, and address.
How Dangerous is this Marketplace?
Currently, this marketplace has more than 1,849 malicious tools ..
Support the originator by clicking the read the rest link below.
