Carding 4 Carders
Professional
The service makes it easier for inexperienced hackers to conduct spam campaigns.
Trend Micro experts have identified a new service that allows you to create hundreds of fake social media accounts in a matter of seconds, becoming accessible to low-level cybercriminals. A service called Kopeechka helps you bypass two main barriers to creating a fake account – email and phone verification.
Kopeechka Web interface
With Kopeechka, cybercriminals can carry out misinformation, spam, and malware distribution campaigns. For example, the service was used for mass registration of accounts on the Mastodon platform to conduct spam campaigns advertising fraudulent cryptocurrency investment platforms.
The main security measures against bots on platforms such as Instagram, Facebook, and X include verifying email addresses and phone numbers, using unsuspecting IP addresses, and CAPTCHAS.
Cybercriminals can bypass captchas and IP reputation checks using automated scripts, but obtaining unique email addresses and phone numbers can be more difficult. And in this case, the attackers turn to the Kopeechka service.
The service has been operating since the beginning of 2019 and offers customers both a web interface and an API. In addition to large social networks like Facebook and X, the Kopeechka API was used to register accounts on Discord, Telegram, and Roblox. The researchers also found a Python script that can be used to create accounts on Virus Total-this implies that some users may have registered accounts to test malware detection.
Kopeechka provides users with access to email received from social media platforms. However, access to the mailbox itself is not granted, as it is controlled by Kopeechka, and not by third parties. Kopeechka has a variety of email accounts, including Hotmail, Outlook, Gmail, and Mail.ru. The service allows you to use a single email address for multiple registrations on different platforms. The researchers suspect that the email addresses were either compromised or created by the Kopeechka owners themselves.
To verify users phone numbers during account registration, Kopeechka offers access to 16 different online SMS services. The researchers note that all processes can be fully automated, and the creation of hundreds of accounts can occur in just a few seconds. According to experts, the service itself is not illegal, but it facilitates the conduct of cybercrime operations among inexperienced cybercriminals.
Trend Micro experts have identified a new service that allows you to create hundreds of fake social media accounts in a matter of seconds, becoming accessible to low-level cybercriminals. A service called Kopeechka helps you bypass two main barriers to creating a fake account – email and phone verification.
Kopeechka Web interface
With Kopeechka, cybercriminals can carry out misinformation, spam, and malware distribution campaigns. For example, the service was used for mass registration of accounts on the Mastodon platform to conduct spam campaigns advertising fraudulent cryptocurrency investment platforms.
The main security measures against bots on platforms such as Instagram, Facebook, and X include verifying email addresses and phone numbers, using unsuspecting IP addresses, and CAPTCHAS.
Cybercriminals can bypass captchas and IP reputation checks using automated scripts, but obtaining unique email addresses and phone numbers can be more difficult. And in this case, the attackers turn to the Kopeechka service.
The service has been operating since the beginning of 2019 and offers customers both a web interface and an API. In addition to large social networks like Facebook and X, the Kopeechka API was used to register accounts on Discord, Telegram, and Roblox. The researchers also found a Python script that can be used to create accounts on Virus Total-this implies that some users may have registered accounts to test malware detection.
Kopeechka provides users with access to email received from social media platforms. However, access to the mailbox itself is not granted, as it is controlled by Kopeechka, and not by third parties. Kopeechka has a variety of email accounts, including Hotmail, Outlook, Gmail, and Mail.ru. The service allows you to use a single email address for multiple registrations on different platforms. The researchers suspect that the email addresses were either compromised or created by the Kopeechka owners themselves.
To verify users phone numbers during account registration, Kopeechka offers access to 16 different online SMS services. The researchers note that all processes can be fully automated, and the creation of hundreds of accounts can occur in just a few seconds. According to experts, the service itself is not illegal, but it facilitates the conduct of cybercrime operations among inexperienced cybercriminals.
