Injecting malware to apps: The new ‘expensive’ on dark web


The price of a loader, used to inject malware into an app, ranges from $2,000 to $20,000 on the dark web.

Cyber criminals are negotiating prices on illegal markets, like the dark web, for Google Play Loaders – programs used to inject malicious or unwanted code into an application, shows research by Kaspersky, a Russian cyber security and antivirus company.

The study, which was conducted using Kaspersky Digital Footprint Intelligence, shows that the price of a loader ranges from $2,000 to $20,000 (Rs. 1,64,169 to Rs. 16,41,694). The study shows that the most popular application categories used to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners and dating apps.

On criminal dark web forums, Virtual Private Seller, a product used to control infected phones or redirect traffic, was priced at $300 (Rs. 24,625). A malware obfuscation service, which bypasses security systems by obfuscating malicious code, was priced from $30 to $440 (Rs. 2,462 to Rs. 36,117) depending on the seller, alongside various other products and services.

Anil Rachamalla, Chief Executive Officer (CEO) and Founder of End Now Foundation, a non-profit organisation advocating for better internet ethics and digital wellbeing, said that if someone is downloading an application from Play Store, it might have malware attached to it which steals data from the phone, and that most of the app frauds happen because of such applications.

He added, “Google Play Store, which is more of a free marketplace, has matured to a very large extent from what they were a couple of years ago, but there are some breaches beyond the control of Play Store. However, Google should take more responsibility.”

The Kaspersky report shows that malware enters the phone when the user updates the downloaded application. Depending on the loader that has been injected, the user is asked for permissions to access key data from the phone, including the camera and microphone. The notifications do not disappear until all the permissions are granted, and then the device is infected.

Alisa Kulishenko, a security expert at Kaspersky, told VPN Overview, a platform that conducts research on online privacy, security, and internet freedom, that cybercriminals often steal reputable Google Play developer accounts and app-signing keys, offering them for sale on the dark web.

The report also found that criminals are using messaging platforms like Telegram to keep a low profile on their activities. Anil said, “Telegram is used by cyber criminals as it is an open platform.” He added that data up to two gigabytes can be sent and you can have two lakh people in a group. Some of the vulnerabilities are that the phone numbers are not displayed and virtual numbers can be registered.

Amrit Singh, an application developer, said, “Google Play Store’s automated systems have limitations in detecting certain types of spamming apps or may rely heavily on user-reported feedback, which is being manipulated or biased.”

He added that the automated detection mechanisms to identify and block spamming apps should be more effective. This includes employing machine learning algorithms, heuristics, and other advanced technologies to detect and prevent spamming app submissions.

Data from Astra Security, a cyber-security company, shows that ransomware attacks have risen by 13 percent in the last five years, with an average cost of $1.85 million per incident. By 2031, statistics predict a ransomware attack every two seconds, and there were around $236.7 million ransomware attacks globally in the first half of 2022.

Recent data from the Home Department shows that Bengaluru lost Rs. 517.6 crore to cybercrimes in four years from Jan. 2019 to Jan. 2023, at Rs. 35 lakhs a day.

Amrit said that the government, law enforcement agencies, security researchers, and other relevant authorities need to work collaboratively to identify and take down illegal marketplaces on the dark web. “They need to track and apprehend malicious actors, and enforce strict legal actions against those involved in illegal activities,” he added.

Anil Rachamalla said that there are many conversations around this issue that are yet to be addressed.
