Connect with us

Cyber Security

Darknet drug markets move to custom Android apps for increased privacy

Published

on

Online markets selling drugs and other illegal substances on the dark web have started to use custom Android apps for increased privacy and to evade law enforcement.

Besides ordering, these apps allow shop clients to communicate with drug vendors and provide specific courier instructions for delivery.

This new trend has been observed by analysts at Resecurity around the beginning of the third quarter of 2022. It is thought to be a response to last year’s high-profile darknet market crackdowns, most notably that of Hydra Market.

Hydra was the leader in drug sales, having 19,000 registered sellers and 17 million customers worldwide. In April 2022, the German authorities confiscated its servers, creating a vacuum in the field.

Drug dealers moving to Android

As Resecurity reports today, several small players attempted to take advantage of Hydra’s sudden demise and snatch parts of Hydra’s orphaned user base.

Seven notable examples that released Android app APKs for customers to use to access their shops and services are:

  • Yakudza
  • TomFord24
  • 24Deluxe
  • PNTS32
  • Flakka24
  • 24Cana
  • MapSTGK

All seven of the above use the same M-Club CMS engine to build their APKs, so they likely used the same developer services.

“Some of these mobile apps have been recently observed by our experts on seized mobile devices by law enforcement – they belong to several suspects involved in drug trafficking and other illegal operations,” warned Resecurity.

Yakudza promoting its Android app
Yakudza promoting its Android and iOS apps (Resecurity)

“The mobile apps provide the ability to transfer details about successful drug orders, and they can also send geographical coordinates of the “package” left by the courier for further pick-up,” explains Resecurity in the report.

“Such information is transmitted in the form of an image to prevent possible indexing. […] notes may contain details how deep the “package” has been hidden under the ground or any other information to find it.”

Details on where the package was buried
Details on where the package was buried (Resecurity)

When this information exchange happens on several different applications, it creates fragmentation and stretches the ability of law enforcement to track everything and proceed to arrests.

Resecurity believes most new marketplaces to be launched in 2023 will feature an Android app, gradually replacing privacy-risking forums and open market platforms.

New big players

The most prominent drug market platforms have not bothered adopting the Android app trend yet and instead focus on the new fight for supremacy in the field, which might give one of them a monopoly similar to what Hydra has achieved.

According to Resecurity, those who benefited the most from Hydra’s shutdown were RuTor, WayAway, Legalizer, OMG!, Solaris, and Nemesis.

Over the past summer, these markets collectively welcomed 795,000 new users.

New users on each drug market
New users on each drug market (Resecurity)

With no clear market leader right now and the reputation of all platforms (and vendors) being volatile, this is a risky period for people who purchase counterfeit substances, low-quality ingredients, or something different from what they ordered, ultimately being extremely dangerous.

Source: https://www.bleepingcomputer.com/news/security/darknet-drug-markets-move-to-custom-android-apps-for-increased-privacy/

Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2023 Cyber Reports Cyber Security News All Rights Reserved Website by Top Search SEO