Tuesday, December 3, 2024
HomeCyber Security NewsHackers Selling SMS Bomber Attack Tools on Underground Forums

Hackers Selling SMS Bomber Attack Tools on Underground Forums

Published on

SIEM as a Service

In the current world of cybersecurity, security threats are evolving at a rapid pace, as there are always new problems to deal with.

Among the ever-evolving threats, SMS Bomber attacks are one of the modern attacks in the current threat landscape that can cause severe and adverse effects.

In SMS Bomber attacks the attacker hit the victim by flooding their phone number with numerous text messages. Since these large amounts of SMS overload the phones with unwanted triggers that flood the device with unwanted:-

- Advertisement - SIEM as a Service
  • Vibrations
  • Alert sounds
  • Notifications

Cybersecurity researchers at SOCRadar recently identified that hackers are actively selling SMS Bomber attack tools on several underground forums. While these attacks are executed for several illicit purposes, including:-

  • Trolling
  • Cyberbullying
  • Diverting the attention of the target

Distribution platforms

Moreover, besides the underground forums, for distribution and selling SMS Bomber attack tools, threat actors are also exploiting the messaging and open-source code-sharing platforms like:-

  • Telegram
  • ICQ
  • Discord
  • GitHub
  • Replit

SMS Bomber Market & Pricing

Security analysts at SOCRadar identified the following pricing chart in one of the underground forums:-

  • Flood email for 1 hour: $1.7 
  • Flood phone call for 1 hour: $8-$14 (120 – 200 calls per hour from different numbers) (US / Canada)
  • Flood sms phone for 1 hour: $18 (4-5 sms per minute) (US / Canada)
  • For 1 spam sms: $0.03 (US / Canada)
One of the SMS Bomber service lists (Source – SOCRadar)

Other posts and service posts that are discovered by the researchers in different forums and platforms:-

Underground forum post related to SMS BOMBER (Source – SOCRadar)

Moreover, through the redirected link, a membership-based panel was discovered offering various services including SMS attacks. With fees determined by attack duration like:- 

  • $7.50 for 1 hour
  • $615 for 100 hours
SMS Bomber service post (Source – SOCRadar)

While in the case of messaging platforms, Telegram stood at the top, since experts found a channel boasting 94,925 subscribers, and this channel was active since December 16, 2022.

To get all information about prices, security analysts established direct communication with the bot.

Pricing details (Source – SOCRadar)

Here below we have mentioned all the replies that are provided by the bot when asked, What can it do?:-

  • Perform SMS flooding 
  • Make flood calls
  • Send callback requests
  • Send prank calls
  • Send a recording of the call

During their investigation, researchers discovered another Telegram channel with 352 subscribers on which they found an SMS Validator app. 

SMS Validator (Source – SOCRadar)

This app is an SMS Bomber since it completely works like an SMS Bomber, and it is available at $18 for single and lifetime use.

In the case of open-source sharing platforms like GitHub and Replit, cybersecurity researchers found the following top queries with their respective code counts:-

  • SMS bomb with 1K Code
  • SMS bomber with 4.9K Code
  • SMS bombing with 341 Code

Apart from all these platforms, experts also used Google Dorks for more data that helped in mapping the web addresses, countries of affiliation, and sectoral information.

Countries of Affiliation  (Source – SOCRadar)

Here below are the sectors that are mapped:-

Industries of Affiliation  (Source – SOCRadar)

Protection Methods

Here below we have mentioned all the protection methods that are provided by the security analysts:-

  • Spam Filters
  • Number Hiding
  • Reliable Sources
  • Countermeasures to be taken by SMS Service Providers
  • API Security
  • Authentication Layers
  • Data Breach Monitoring
  • Web Security
  • Authorization
  • Access Controls

Keep informed about the latest Cyber Security News by following us on GoogleNewsLinkedinTwitter, and Facebook.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

Salesforce Applications Vulnerability Could Allow Full Account Takeover

A critical vulnerability has been discovered in Salesforce applications that could potentially allow a...

TP-Link HomeShield Function Vulnerability Let Attackers Inject Malicious Commands

A significant vulnerability has been identified in TP-Link's HomeShield function, affecting a range of...

ElizaRAT Exploits Google, Telegram, & Slack Services For C2 Communications

APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

Salesforce Applications Vulnerability Could Allow Full Account Takeover

A critical vulnerability has been discovered in Salesforce applications that could potentially allow a...

TP-Link HomeShield Function Vulnerability Let Attackers Inject Malicious Commands

A significant vulnerability has been identified in TP-Link's HomeShield function, affecting a range of...