NOIDA: Since June 13 this year, a new tool has come up in the darknet Market & since then this has been a craze among Hacking Community. It costs just $130 i.e. approx. Rs.9700 with $1 (Rs.74.00) per new device fingerprint. The tool presently includes more than 70 spoofed fingerprints from different devices that the sellers have sorted into six different categories. These include mobile phones, tablets, gaming consoles, Smart TVs, and more.
The recent version of this Tool is MASQ v0.198
What it does: This spoofs the device fingerprint to bypass authentication mechanism & security checks!
Device Fingerprints typically include specific details of a user’s device that serves as user identity. Typical information contained in this are: IP Address, Browser Information, Time Zone, Language Settings, Device model, type, and features, screen resolution and more.
Antifraud firms/applications use these details to validate legit users. There are over 100 user and device fingerprints that anti-fraud systems can cross-reference to authenticate the end user.
This new MASQ tool has been designed to spoof these all. It becomes too difficult to distinguish a spoofed login from a legit one. This helps the adversaries break into user’s bank account, make fraudulent payments and play around with other online transactions.
Assuming Attackers have the credentials, using social engineering/phishing/smshing (very common now a days) for a particular account, with the help of MASQ, cyber criminals shall reuse the stolen Cookie files from the victim, and spoofing the figure prints – making them look as if victim.
Using this tool MASQ and spoofing finger prints also helps access logged-in accounts or by pass 2 Factor Authentication.
Conclusions: Defense Team of Financial Institutions or any sector, wherein Finger Print is the key method of authentication, must take a note of this tool, and try to apply appropriate controls to negate this. In the ever-changing scenario we need to be buckled up.
This Article has been Submitted by Armantec Systems Pvt Ltd (www.armantecsystems.com), a Noida Based Threat Intelligence & RED Teaming Consulting Firm, with the prime focus on custom Ransomware Attacks Solution for Critical Information Infrastructures (CIIs)