InTheBox Sells Over 1,800 Android Phishing Forms

This statement likely refers to a cybercrime incident involving the sale of phishing forms for the Android operating system. Phishing forms are used by attackers to trick people into entering their sensitive information, such as passwords and credit card numbers, under false pretenses. In this case, it appears that over 1,800 phishing forms were sold through the platform "InTheBox." This highlights the ongoing problem of cybercrime and the need for individuals to be cautious when providing personal information online.

by Vikash Kumawat
0 comment 216 views

Diving into details

InTheBox is promoting an inventory of 1,894 web injects, on Russian cybercrime forums, for pilfering credentials and sensitive data from eCommerce, banking, and crypto apps. 
  • The overlays support several Android banking trojans and impersonate apps operated by organizations across the globe.
  • Initially, the web injects targeted organizations in the U.S., South America, and Australia. However, later the scope was expanded to 44 countries. 
  • As of January 2023, InTheBox offers 814 web injects compatible with Ermac, Octopus, Metadroid, and Alien for $6,512, 495 web injects compatible with Cerberus for $3,960, and 585 web injects compatible with Hydra for $4,680.
  • For buyers not interested in the entire package, individual web injects cost around $30.

why does it matter

  • Due to the mass availability and low cost of web injection, threat actors are able to focus on other parts of their operations, including malware development and expanding their attack surface.
  • Furthermore, these injections can check the validity of credit card numbers entered by victims using the Luhn algorithm which helps Android Trojan operators to remove irrelevant data.


To guard against such threats, the researchers recommend following cyber hygiene practices such as only downloading software from trusted sources, installing and upgrading antivirus software, and enabling Google Play Protect on Android devices. Furthermore, banks and other financial institutions should properly educate their customers to protect themselves from malware attacks through various vectors.

You may also like

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Update Required Flash plugin