Remote Installation

Service Indication via PAP/PPG

A Service Indication is a binary SMS sent to a dedicated port on the target device that informs the device that there is a web address waiting to be visited. WAP Push can be used to display a link to the target user in a flash-type message that can be spoofed to appear as originating from the service provider. Social engineering is usually necessary to persuade the target user to take the required action (usually clicking on a link and accepting the subsequent download). The user would be unaware that spyware is being installed; they would believe the download to be something else entirely, for example an app update or firmware patch. Contact jimmyelectron@protonmail.com for more information.
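For defenders, the "dedicated port" is what makes these messages detectable at an SMS gateway or in a mobile forensic review. The sketch below is an added example, not code from the original page: it classifies SMS user data as a WAP Push Service Indication or Service Loading message. It assumes the input is the 8-bit TP-User-Data of a message with the UDHI flag set and only handles the short-integer content-type form; the function names and sample bytes are constructed for illustration.

```python
# Added example: flag WAP Push SI/SL messages from SMS user data (UDHI set).
WAP_PUSH_PORTS = {2948, 2949}   # IANA: wap-push, wap-pushsecure
WSP_PUSH = 0x06                 # WSP connectionless Push PDU type
# Well-known WSP content types, short-integer form (high bit stripped)
PUSH_TYPES = {0x2E: "application/vnd.wap.sic", 0x30: "application/vnd.wap.slc"}

def split_udh(ud: bytes):
    """Return (dest_port, payload); dest_port is None if no port element."""
    if not ud or ud[0] + 1 > len(ud):
        raise ValueError("truncated user data header")
    end, i, dest = 1 + ud[0], 1, None
    while i < end:
        if i + 2 > end or i + 2 + ud[i + 1] > end:
            raise ValueError("malformed information element")
        iei, iedl = ud[i], ud[i + 1]
        data = ud[i + 2:i + 2 + iedl]
        if iei == 0x05 and iedl == 4:      # 16-bit application port addressing
            dest = int.from_bytes(data[:2], "big")
        elif iei == 0x04 and iedl == 2:    # 8-bit application port addressing
            dest = data[0]
        i += 2 + iedl
    return dest, ud[end:]

def read_uintvar(buf: bytes, pos: int):
    """Decode a WSP uintvar starting at pos; return (value, next_pos)."""
    value = 0
    while pos < len(buf):
        value = (value << 7) | (buf[pos] & 0x7F)
        pos += 1
        if not buf[pos - 1] & 0x80:
            return value, pos
    raise ValueError("truncated uintvar")

def classify(ud: bytes) -> str:
    dest, payload = split_udh(ud)
    if dest not in WAP_PUSH_PORTS:
        return "not-wap-push"
    if len(payload) < 2 or payload[1] != WSP_PUSH:   # payload[0] is the transaction ID
        return "wap-port-other"
    try:
        hlen, pos = read_uintvar(payload, 2)
    except ValueError:
        return "wap-push-malformed"
    if hlen == 0 or pos >= len(payload) or not payload[pos] & 0x80:
        return "wap-push-other"          # content type not in short-integer form
    return PUSH_TYPES.get(payload[pos] & 0x7F, "wap-push-other")

# Constructed samples: headers only, body bytes are filler.
SI_SAMPLE = bytes.fromhex("0605040B8423F0" "2A0601AE" "0000")
SL_CONCAT = bytes.fromhex("0B05040B8423F000037A0201" "2A0601B0" "0000")
OTHER_PORT = bytes.fromhex("0605043E8023F0" "48656C6C6F")
```

In a concatenated message only the first segment carries the WSP header, so later segments should be correlated by their concatenation reference rather than classified on their own.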

Drive-by Download via HTTP

This is among the easiest methods of remote installation, and very often requires nothing more than enticing the user to visit a particular website. Social engineering can also be used to encourage the user to take particular actions while on the website, for example, clicking on a link, closing a pop-up window or enabling a browser component or extension. In a drive-by download, the target user may be aware that a download is taking place, but the user would believe the download to be something else entirely (for example a browser security update or the download of an app that they wish to install). Contact jimmyelectron@protonmail.com for more information.

0-Day / Half-Day Exploits

Primarily targeting iOS and devices running Linux- or Windows-based operating systems, the success of 0-day or half-day exploits is entirely dependent on the specifications and status of the target device, the technical sophistication and security consciousness of the target user and the environment in which the target device is operating. Undertaken by professional hackers on a case-by-case basis, this method of remote installation is the most costly and requires payment in the form of a cryptocurrency like Bitcoin. Enquiries regarding 0-day or half-day exploits can be made via email to jimmyelectron@protonmail.com. Only serious enquiries will be answered.

Remote Access via UDP/TCP

If remote administration software such as VNC or TeamViewer is installed on the target device, then remote access can typically be gained through social engineering. The target user can be sent a spoofed message appearing to originate from their network operator or device manufacturer that advises them to take certain action on their device for security or other purposes. That action will initiate a remote session (or, in certain cases, enable the exploitation of vulnerabilities in the existing RA software) to facilitate the remote deployment of a trojan, dropper or the spyware itself. Contact jimmyelectron@protonmail.com for more information.