By Dancho Danchev
Earlier this year we profiled a newly released mobile/phone number harvesting application, a common tool in the arsenal of mobile spammers, as well as vendors of mobile spam services. Since the practice is an inseparable part of the mobile spamming process, cybercriminals continue periodically releasing new mobile number harvesting applications, update their features, but most interestingly, continue exclusively targeting Russian users.
In this post, I’ll profile yet another DIY mobile number harvesting tool available on the underground marketplace since 2011, and emphasize on its most recent (2013) updated feature, namely, the use of proxies.
Sample screenshot of the DIY Russian mobile number harvester:
Next to Russian mobile numbers, the tool has the capacity to (recursively) harvest proxies and email addresses. What’s worth emphasizing on regarding this particular tool is that, it took its author two years to (publicly) introduce a new feature, in this case, the use of proxies, a handy feature when interacting with sites who may challenge the Web session with a CAPTCHA. What seems to be the reason behind this slow development process? It’s the fact that the author maintains a portfolio of related automatic account registration, mass SMS sending and pseudo-anonymous email sending tools – leading us to the conclusion that those who generate most of his revenue, naturally get most of his coding attention.
Despite the fact that compared to the previously profiled mobile/phone number harvesting tool, this one appears to be a low priority project for its developer. We’ll continue monitoring its development and post updates as soon as new features get introduced.