Digital Wallets in the Cyber Underground Methods and tutorials Hacking methods and tutorials on different subjects involving digital wallets have become relatively common in the cyber underground world. They have been offered for sale from the price of $25 on various platforms, such as instant messaging applications, marketplace forums and dark web discussion forums such as Dread. Usually, the post where the method is offered for sale, does not go into detail on what the method is, and the user buys it without knowing much about its quality. For example, hacking tutorials for Apply Pay, PayPal, CashApp and more were posted on Telegram by a hacker, who offered the method for $100 in Bitcoin. The hacker sends the URL to the tutorial after receiving payment. Figure 4 - Digital wallets hacking tutorials offered for sale on a Telegram channel; Source: Luminar Another example was found on a carding forum, where a hacker offered a carding method to cash out via Apple Pay. The method requires an old iPhone or iPad that never used Apple Pay 7 and is available for paying users on the forum. Figure 5 - Carding method via Apple Pay offered for sale on a hacking forum The same method was found published for free on a Telegram channel. According to the method the hacker needs to verify one account via Apple Pay by using a stolen credit card or debit log, once it is verified, cash can be sent to the Apple Pay account. The threat actor offered two ways to handle the money, either to send it to another account or to add it straight to your account from the credit card. The threat actor advises to use the TLO data that was partly leaked in the past in order to unblock the card if it would potentially get blocked in the future. 7 https://ascarding.com/threads/carding-method-cashout-via-apple-pay.1500/