Profiling for underground service harvests mobile phone numbers

Dancho Danchev profiled a new service harvests mobile phone numbers advertised in the underground, the vendor also proposing SMS spamming and phone number verification service.

A new service harvests mobile phone numbers advertised in the underground is the demonstration that mobile is becoming a privileged target for cybercrime. Botnets, mobile malware, ransomware, DDoS applications and hacking tools are becoming part of the offer in the underground.

But underground is very dynamic and new proposal daily emerge from the black market, today I’ll discuss about a new service launched that harvest mobile phone numbers on demand.

A couple of months ago researcher Dancho Danchev already remarked the increasing public availability of managed SMS spam services,  these services could be used by criminals to send hundreds of thousands of SMS messages. The offer for managing SMS spam services was also completed by the possibility to use proprietary or publicly obtainable phone number harvesting application. The underground offer it is able to provide all necessary for illicit activities such as DIY applications for the verification of the validity for harvesting mobile numbers.

In his last post Danchev profiled a new interesting service harvests mobile phone numbers, the service appears very efficient if it is considered that customers could customize the harvesting criteria.

One of the principal feature that catch my attention is the fact that the service explicitly points out the time frame required for the harvesting to take place:

  • from a 1000 to 35,000 harvested phone numbers based on criteria – 1 to 12 hours
  • from 50,000 harvested numbers and more based on criteria – 72 to 86 hours

The previous image is a screenshot reporting a view of the harvested data, each customer could choose harvesting criteria for his demand, default options are:

  • user ID on the Web site from where the mobile phone number was originally harvested
  • name/nickname
  • city
  • education background
  • ork position
  • contact details (as provided)
  • ICQ and Skype

But the services provide more interesting features for customization of the demand of harvested phone numbers. The cyber criminals could in fact express preference for a geographic area (Country, Region or City) or could be interested in exploits phone numbers of a private organization or an E-shops service. The attackers could also select numbers to harvest based  on sex, age and work position of victims, all these information as it is imaginable could allow a criminal to select with surgical precision the scope of its action and the target to attack.

Manager of the service harvests mobile phone numbers promises 100% custom harvesting based on a potential customer’s preference,  the accepted payment method for the service is WebMoney.

Danchev revealed that the vendor of the service harvests mobile phone numbers is trying to increase its reputation in underground also proposing SMS spamming/SMS based TDoS (telephony denial of service attack) services and phone number verification services.

As stated by Danchev security experts believe that offer following cybercrime-as-a-service model will increase in the next months due the high interest manifested by crime in mobile platforms.

Pierluigi Paganini

(Security Affairs –  service harvests mobile phone numbers. cybercrime)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs…

3 hours ago

China-linked APT group uses new Macma macOS backdoor version

China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) Evasive Panda has been spotted using an…

14 hours ago

FrostyGoop ICS malware targets Ukraine

In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems…

1 day ago

Hackers abused swap files in e-skimming attacks on Magento sites

Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and…

1 day ago

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches…

2 days ago

EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos

EvilVideo is a zero-day in the Telegram App for Android that allowed attackers to send…

2 days ago

This website uses cookies.