Researchers have observed a rising trend in the use of specialized spoofing tools for Android mobile devices to defraud users of online banking, advertising networks, and e-commerce portals worldwide. These tools are used to impersonate compromised account holders and bypass anti-fraud controls to conduct online banking theft and fraud.
In more detail
In Q1 2023, Resecurity identified a surge in the emergence of such tools on the dark web.
These tools were also sold on several private Telegram forums, promising to offer cybercriminals a wide range of features, such as anti-detect browsers, device fingerprint emulators, and spoofers.
Many of these tools also include the ability to manage cookies, spoof location, and change device fingerprints.
One XSS forum member, Daddy Goose, was found offering a tool with mobile anti-detect capability.
Mobile anti-detect tool gains traction
Among all these tools, a huge demand for mobile anti-detect tools has been observed on the dark web. One such tool, named Enclave Service, is gaining popularity among cybercriminals.
Components in Enclave Service are similar to the MacFly tool that went out of service a few years ago.
Other top anti-detection kits are AntBrowser, Lalicat, Aezakmi, ClonBrowser, MultiLogin, Sphere, GoLogin, Incognition, VMMask, Dolphin{anty}, VMLogin, IndigoBrowser, SessionBox, Octo Browser, MoreLogin, Undetectable, LinkenSphere, and Kameleo.
These tools are capable of spoofing mobile device fingerprints and other software and network parameters typically analyzed by anti-fraud systems.
Most of these kits are designed for OnePlus and Xiaomi Redmi devices and work by allowing threat actors to install a proxy server on the device.
This enables scammers to use the victim’s IP addresses and access their online banking accounts.
Conclusion
Researchers claim that threat actors might continue using this emerging tactic to perform fraudulent activities. With the continued growth of online payments and mobile transactions worldwide, it is recommended that banking firms upgrade their security checks for illegitimate transactions. Moreover, payment firms, online retailers, and financial institutions must stay up to date on the latest fraud trends through shared threat intel solutions.