SCF Advanced Search

  • Total Posts: 40158
  • Total Topics: 14266
  • Online Today: 749
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: iDroid Bot for Sale Taps Into Mobile Wallets  (Read 1725 times)

0 Members and 1 Guest are viewing this topic.


  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
iDroid Bot for Sale Taps Into Mobile Wallets
« on: 15. April 2014., 09:42:14 »
iDroid Bot for Sale Taps Into Mobile Wallets

During recent weeks we’ve seen a new botnet kit advertised in several Russian forums. The iDroidbot costs US$1,500 and targets phones running iOS 7.1 and earlier, as well as Android 2.2 and later. The kit has some interesting features, including a credit-card number grabber and a method for draining mobile wallets

According to the developer, the bot has the following features:
  • Web administration
  • Windows XP, 7 administration
  • Server connection through TOR
  • Connection via proxy

The login screen of the panel (in screen above) shows options such as the TOR/Proxy login.

The malware can tap into several mobile wallets:
  • Search and inject into purses on infected machines
  • Drain a victim’s Visa QIWI Wallet (up to Version 2.8.4) by substituting operations
  • Drain WebMoney Keeper Mobile (up to Version 3.0.8 on R and Z purses) by substituting operations
  • Drain Yandex 2.2 (up to Version 2.8.4) by substituting operations

The WM/QIWI/Yandex button (below) shows options for stealing from the wallets:

The preceding screenshot demonstrates theft from a QIWI Wallet, whose electronic payment system allows customers to make payments online for items such as utilities, online purchases, and bank loans. In the statistics part of the admin panel, the vendor shows the amount of money earned so far by this setup:

The malware can steal other data, including:
  • Keystrokes by tags or by country. The name Troy appears in the processes.
  • Credit card numbers by country
  • Email by country

Miscellaneous features:
  • Sending SMS in stealth mode to a specified number
  • Recording conversations in .wav files
  • Intercepting SMS from a specific number
  • Taking screenshots

According to the seller, the bots can be spread by the following methods:
  • Android 2.2 or later—by setting the MIDlet, instructions included
  • iOS 7.1 and earlier—by opening the URL and accepting the agreement
  • Sewing a MIDlet to any application

Orginal article: By Christiaan Beek on Apr 10, 2014
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing !,8405.msg21475.html#msg21475

Samker's Computer Forum -

iDroid Bot for Sale Taps Into Mobile Wallets
« on: 15. April 2014., 09:42:14 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising