A forum user has been advertising the sale of an Android stealer that can deliver compressed pictures from the victim's phone to the operator via a Telegram bot.
Threat actors regularly find new ways to make money from malicious tools, including through identity theft and extortion.
Once again, users of a hacker forum were found selling malware through the site. One user was advertising an Android stealer, while another was trying to sell the source code of a stealer.
The First Case: Android Snatcher on Sale
The post states that the user is advertising the sale of an Android stealer that can send compressed photographs from a victim's phone to the operator via a Telegram bot.
The app is simple to use and does not require any hosting or name, which makes it an appealing tool for anyone trying to steal images from Android devices.
To make the app even more appealing, the developer has also pledged to modify the name and icon according to the user’s preferences.
However, for the software to function, the victim must grant it permission to access the storage on their phone.
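For defenders, exfiltration through a Telegram bot surfaces as file-upload calls to the Telegram Bot API. The following added example (not taken from the forum post or the tool) flags clients with large bot uploads. It assumes a TLS-inspecting proxy; the log layout, sample lines, placeholder tokens and byte threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# File-carrying Telegram Bot API calls: /bot<id>:<token>/<method>
BOT_UPLOAD = re.compile(
    r"^/bot(?P<bot_id>\d+):[A-Za-z0-9_-]+/"
    r"(?P<method>sendPhoto|sendDocument|sendMediaGroup)$"
)

# Constructed sample lines in an assumed proxy log format:
# timestamp client_ip http_method host path bytes_sent
SAMPLE_LOG = """\
2024-01-10T09:00:01Z 10.0.5.21 POST api.telegram.org /bot111111111:PLACEHOLDER_TOKEN_A/sendDocument 4812033
2024-01-10T09:00:09Z 10.0.5.21 POST api.telegram.org /bot111111111:PLACEHOLDER_TOKEN_A/sendDocument 5120044
2024-01-10T09:01:30Z 10.0.5.34 POST api.telegram.org /bot222222222:PLACEHOLDER_TOKEN_B/sendMessage 312
2024-01-10T09:02:00Z 10.0.5.21 GET example.com /index.html 0
2024-01-10T09:03:12Z 10.0.5.40 POST api.telegram.org /bot333333333:PLACEHOLDER_TOKEN_C/sendPhoto 20480
malformed line
"""


def find_bot_uploads(log_text, min_bytes=1_000_000):
    """Return {(client_ip, bot_id): {"requests": n, "bytes": total}} for
    clients whose file uploads to a single bot total at least min_bytes."""
    totals = defaultdict(lambda: {"requests": 0, "bytes": 0})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed lines instead of failing the whole run
        _ts, client, verb, host, path, sent = fields
        if verb != "POST" or host.lower() != "api.telegram.org":
            continue
        match = BOT_UPLOAD.match(path)
        if not match or not sent.isdigit():
            continue  # text-only bot calls such as sendMessage are ignored
        entry = totals[(client, match.group("bot_id"))]
        entry["requests"] += 1
        entry["bytes"] += int(sent)
    # Keep only pairs whose cumulative upload volume crosses the threshold.
    return {k: v for k, v in totals.items() if v["bytes"] >= min_bytes}


if __name__ == "__main__":
    for (client, bot_id), stats in find_bot_uploads(SAMPLE_LOG).items():
        print(f"{client} -> bot {bot_id}: {stats['requests']} uploads, {stats['bytes']} bytes")
```

Legitimate apps also use Telegram bots, so a hit is a lead for triage rather than a verdict; on managed phones it can be cross-checked against which installed apps hold storage permission.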
The Second Case: Source Code for Sale
A different forum user is offering the source code of a stealer that can steal cookies and passwords, capture screenshots, and collect details about the victim's PC.
The forum post claims that the stealer has been completely rewritten from the ground up in C++ rather than .NET, with no dependency on the .NET version.
The stealer uses its own TCP protocol to communicate with a server over sockets and is intended to run on Windows 7 through Windows 11.
All data is sent to and received from the server in encrypted form, using a special key that the server creates for each computer. The stealer is distributed as a subscription for a set term.