This topic contains 1 reply, has 2 voices, and was last updated by misconfig_exe 3 weeks, 4 days ago.
- September 30, 2020 at 11:54 pm #313280
Hi. How are y’all?
I’m kinda new to cybersecurity and hacking, and I have some questions about a keylogger I’m doing on python. It works fine, I get a log every hour with the keystrokes, and a printscreen every minute. But because I did it most for research and study, I’m using Gmail SMTP server, and a Gmail account, which ain’t exactly what I would call reliable.
In a real life scenario, even if someone’s try to create a Gmail account through tor network in the purpose of receiving the reported logs, and don’t make any opsec. It wouldn’t happen, because, in most cases, Gmail asks for a phone or email verification, and already has flagged almost every temporary phone number and email (if not every single one). Using an account created on clearnet or/and verified with one’s info, would lead right back to him or her, once the Keylogger was identified, or someone or Google itself go through the inbox. Right?
So is there a good alternate email service with an open SMTP server that could be used and doesn’t require verification, so one can create an account to receive the logs without exposing himself or herself? Let me know if I’m missing anything here, or there is a even better way of doing this.
Sorry for bad english. And Thanks.
- September 30, 2020 at 11:54 pm #313281
The answer is yes, certainly there are services like this which are sold to criminals.
But rather than rely on someone else’s infra and opsec, the most common alternative is to self-host, either on infra which doesn’t request much validation or which can be spoofed, or more likely, on the infra of a previously compromised server.
tl;dr: criminals use victims’ assets as their own attack infra
You must be logged in to reply to this topic.