Cybercriminals are continuing to innovate within the mobile market segment, with the general availability of TDoS (telephony denial of service) value-added services. This development has been enabled by the commercial availability of non-attributable SIM cards, a supply of easy to use cybercrime-friendly tools and services, evolved CAPTCHA-solving API-enabled processes, plus the evident vertical integration within the managed/for-hire DDoS (distributed denial of service) market segment.. These continuing advances demonstrate cybercriminals’ long-term interest in monetizing the ever-increasing number of international mobile users.
We’ve recently spotted a new, cybercrime-friendly ‘virtual mobile number’ on demand service. It provides potential customers with the ability to utilize an unlimited number of virtual mobile numbers for a variety of cybercrime-friendly activities, including the bypassing of SMS/phone-based pre-authentication checks, commonly used to secure registration services.
What does this self-service cybercrime-friendly ‘virtual mobile number’ service look like? Let’s take a peek.
The service’s inventory currently consists of unlimited ‘virtual mobile numbers’ offered on a monthly subscription based pricing model. For instance, potential customers can get unlimited ‘virtual mobile numbers’ as a service, for 3 days, at the cost of 0.7 cents. They only need to pay $1 for 7 days of subscription, or $4 for full month of service.
The service offers a simple Web-based self-service interface, allowing prospective customers to manage their balance and take advantage of the service’s features.
The service is currently utilizing multiple commercial-grade SIM card devices to maintain the inventory of ‘unlimited virtual mobile numbers’. Let’s take a peek at what the managed cybercrime-friendly ‘virtual mobile number’ service equipment looks like.
With the availability of non-attributable and easy to integrate cybercrime-friendly SIM card services, cybercriminals are perfectly positioned to monetize the bypass of SMS/phone-based pre-authentication checks used by a wide range of cloud services. The technology is also simple to integrate with existing DDoS (distributed denial of service) toolsets, in order to provide TDoS (telephony denial of service) valued-added services and features.