InTheBox’s Menacing Offer: Over 1,800 Android Phishing Forms for Sale

Cybercrime market sells over 1,800 Android phishing scams

On Russian cybercrime forums, a threat actor called InTheBox has posted an inventory of 1,894 Web Injects (overlays on phishing windows), which are used to steal sensitive data and credentials from apps for banking, cryptocurrency exchanges, and ecommerce.

The overlays mimic major apps used by dozens of countries in almost every continent and are compatible with Android banking malware.

Cybercriminals can focus on other aspects of their campaigns and malware development, as well as expand their attacks to other regions, when they have such a large number of low-cost tools available.