With this app, the actors appear to be utilizing Web3 and browser extensions that impersonate "Google Drive Docs". It is NOT Google when you do forensics on what the package contains. This means that it is also illegal trademark infringement, as it's not counterfeit; it's just stealing Google's name and presentation, which they've labeled over their Trojan.
The Threat Actors I've met, who have come up to me ever since the Attorney General approved my report, wear NASA T-shirts. They're smug. They instigate. They seem to want me to give them my attention. I take a photograph and keep my head down, refusing to feed into their misplaced narcissistic glory. They're criminals. They steal from others through their computer crimes.
They're NOT activists (which I'm also not into, but some activists abide by the law). They're Violent Non-State Actors: a malicious organized ransomware group that is involved in trafficking.
They steal from others through their computer crimes. I actually interviewed one, last year in April, Eleven Before Twelve. He told me horrible stories about his childhood, and how he felt being in a gang was his only option, and how he admired the tech stolen from the ransomware group calling themselves NASA (from the technology stolen from NSA, and adapted to their purposes). He lied to me about several things, but I traced his comments that stood out to me and found out who he really is from his YouTube channel. He teaches hackers how to exploit with Xbox. He said they're in the gang for life. He mentioned profit sharing pools. There was a sexual component to their crimes beyond the tech. They all seemed to have been sexually exploited, and sought targets to steal from financially and sexually exploit as well.
I asked him if he thought what he was doing was wrong. He said "no". That means that he is anti-social and out of touch with reality, with the millions of people his gang hurts, and with how his actions affect others, as well as himself.
No one can do this type of work and have healthy self-esteem or integrity. Self-worth comes from alignment, and doing the right thing because it's the right thing.
"The Trojan relies on a Command and Control (C&C) infrastructure to receive configuration settings about desired subscription services and relay received SMS messages. The subscription procedure involves the following steps:"
- Loading a target website received from the C&C server;
- Extracting CAPTCHA image and sending it for image-to-text recognition;
- Loading the CAPTCHA code on the targeted website;
- Parsing SMS code for code or activation link;
- Loading activation link;
- Sending confirmation SMS;
- Loading website with SMS code.