{"id":45500,"date":"2022-02-27T00:00:00","date_gmt":"2022-02-27T00:00:00","guid":{"rendered":"urn:uuid:315f9c6b-6faa-583c-e8a1-ebbf7607b3eb"},"modified":"2022-02-27T00:00:00","modified_gmt":"2022-02-27T00:00:00","slug":"sms-pva-part-2-underground-service-for-cybercriminals","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/","title":{"rendered":"SMS PVA Part 2: Underground Service for Cybercriminals"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/b\/sms-pva-a-new-underground-service-used-by-cybercrime-actors-part-2\/sms-pv-2.jpg\"><\/p>\n<div><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/b\/sms-pva-a-new-underground-service-used-by-cybercrime-actors-part-2\/sms-pv-2.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>In this sample, we can see an Indonesian mobile number with an \u201cethnically\u201d matching photograph in Whatsapp (presumed real account of the owner), but with a Russian name in Telegram (account presumed to have been registered using SMS PVA).<\/p>\n<p>These are just some illustrations of the common trend we saw on smspva.net. Either the accounts have different names across different services, or the country of the mobile phone does not match the language used in the account. To us, this shows the victim&#8217;s mobile numbers were successfully used and registered by operators availing of the smspva.net service..<\/p>\n<p><span class=\"body-subhead-title\">A \u201cwin\u201d for cybercriminals<\/span><\/p>\n<p>SMS verification has become the standard method that online services platforms and services used to confirm that one person is only using one account. But because of new services like SMS PVA, cybercriminals can now bypass this method and even capitalize on it.<\/p>\n<p>Here are a few benefits of such service for cybercrime actors:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\"><span class=\"rte-red-text\">Anonymity.<\/span> With SMS PVA, cybercriminals can make use of disposable numbers for their account registrations without worrying that the accounts and numbers can be traced back to them. Some countries would require identification when purchasing SIM cards and they don\u2019t even have to worry about that with SMS PVA.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><span class=\"rte-red-text\">Coordinated inauthentic behavior.<\/span> Coordinated inauthentic behavior is often used to distribute and amplify information at a big scale, fast, and with the necessary precision. This could be a misinformation campaign, attempts to manipulate public opinion related to particular brands, services, political views, or government programs such as vaccination campaigns.<br \/>SMS PVA service is based on thousands of compromised smartphones spread across various countries. With this service, SMS PVA users can register accounts with precision on the country level and can therefore launch campaigns using fake accounts pretending to be from the country they\u2019re targeting.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><span class=\"rte-red-text\">Abuse of sign-in bonuses.<\/span> Through SMS PVA services, cybercriminals can simply create multiple accounts to take advantage of sign-up promotions offered by online services and platforms. They can then sell their bonuses to unassuming victims.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><span class=\"rte-red-text\">Abuse of app gamification bonuses.<\/span> Cybercriminals can use SMS PVA services to create accounts and benefit from app gamification bonuses. They can create fake accounts to gain more views which will lead to more bonuses.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><span class=\"rte-red-text\">Circumvent regional restrictions.<\/span> SMS PVA services were also used to circumvent government or country restrictions. For example, users with Chinese phone numbers cannot register on a Binance platform. By using an SMS PVA service, cybercriminals can work around this restriction and sign up for a Binance account.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><span class=\"rte-red-text\">Avoid penalties and liabilities.<\/span> Because of the anonymity SMS PVA services provide, cybercriminals can avoid legal liabilities and penalties when they commit any abuse or violation using their fake accounts.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><span class=\"rte-red-text\">Scam and fraud.<\/span> SMS PVA allows scammers to register bulk accounts in any of the messaging apps and then use those accounts to send their lures and social engineering tricks.<\/span><\/li>\n<\/ul>\n<p><span class=\"body-subhead-title\">Impacts and implications<\/span><\/p>\n<p>The most vulnerable victims of services like smspva.net are the unwitting and unknowing individuals with infected smartphones. They are most likely unaware of the infections, and if they won&#8217;t register to any of the apps their phone numbers were used for, they won&#8217;t even know that something is amiss.<\/p>\n<p>In the event a criminal investigation takes place due to any scam or fraudulent activities associated with the account, the owner of the victim&#8217;s mobile number can become a suspect and the subject of investigation.<\/p>\n<p>SMS PVA services also have a huge impact on online platforms and services that use SMS verification as a security measure. Because SMS PVA services are able to intercept these messages, this security method is now broken.<\/p>\n<p>This also impacts current anti-fraud and inauthentic user behavior models being implemented, such that it now needs to take account not only for actions performed by unverified accounts but verified accounts as well.<\/p>\n<p>Single-sign-on (SSO) schemes that allow users to use a single set of authentication credentials to login into a group of services are also heavily affected by SMS PVA services.<\/p>\n<p>It is now possible to use SMS PVA services for bulk account creation in major platforms since access to the actual phone and the SMS message is required only once.<\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/22\/c\/sms-pva-countries-part-3.html\">In the final part of our blog entry<\/a>, we\u2019ll discuss which countries are most affected by SMS PVA services and which online services and platforms are most used by customers. We\u2019ll also lay out a few recommendations to mitigate the risks of this sophisticated threat.<\/p>\n<p> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/22\/b\/sms-pva-cybercriminals-part-2.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In part two of this blog entry, we further investigate the innings of smspva.net and discuss the impact and implications of such services. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":45501,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9510,9521,9511,9513,9581,9509],"class_list":["post-45500","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-cyber-crime","tag-trend-micro-research-cyber-threats","tag-trend-micro-research-malware","tag-trend-micro-research-mobile","tag-trend-micro-research-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SMS PVA Part 2: Underground Service for Cybercriminals 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SMS PVA Part 2: Underground Service for Cybercriminals 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-27T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/b\/sms-pva-a-new-underground-service-used-by-cybercrime-actors-part-2\/sms-pv-2.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"SMS PVA Part 2: Underground Service for Cybercriminals\",\"datePublished\":\"2022-02-27T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/\"},\"wordCount\":757,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/sms-pva-part-2-underground-service-for-cybercriminals.jpg\",\"keywords\":[\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Cyber Crime\",\"Trend Micro Research : Cyber Threats\",\"Trend Micro Research : Malware\",\"Trend Micro Research : Mobile\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/\",\"name\":\"SMS PVA Part 2: Underground Service for Cybercriminals 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/sms-pva-part-2-underground-service-for-cybercriminals.jpg\",\"datePublished\":\"2022-02-27T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/sms-pva-part-2-underground-service-for-cybercriminals.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/sms-pva-part-2-underground-service-for-cybercriminals.jpg\",\"width\":641,\"height\":350},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sms-pva-part-2-underground-service-for-cybercriminals\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : Articles, News, Reports\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-articles-news-reports\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SMS PVA Part 2: Underground Service for Cybercriminals\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SMS PVA Part 2: Underground Service for Cybercriminals 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/","og_locale":"en_US","og_type":"article","og_title":"SMS PVA Part 2: Underground Service for Cybercriminals 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-02-27T00:00:00+00:00","og_image":[{"url":"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/b\/sms-pva-a-new-underground-service-used-by-cybercrime-actors-part-2\/sms-pv-2.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"SMS PVA Part 2: Underground Service for Cybercriminals","datePublished":"2022-02-27T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/"},"wordCount":757,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/sms-pva-part-2-underground-service-for-cybercriminals.jpg","keywords":["Trend Micro Research : Articles, News, Reports","Trend Micro Research : Cyber Crime","Trend Micro Research : Cyber Threats","Trend Micro Research : Malware","Trend Micro Research : Mobile","Trend Micro Research : Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/","url":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/","name":"SMS PVA Part 2: Underground Service for Cybercriminals 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/sms-pva-part-2-underground-service-for-cybercriminals.jpg","datePublished":"2022-02-27T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/sms-pva-part-2-underground-service-for-cybercriminals.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/sms-pva-part-2-underground-service-for-cybercriminals.jpg","width":641,"height":350},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/sms-pva-part-2-underground-service-for-cybercriminals\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : Articles, News, Reports","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-articles-news-reports\/"},{"@type":"ListItem","position":3,"name":"SMS PVA Part 2: Underground Service for Cybercriminals"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45500","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45500"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45500\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/45501"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45500"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45500"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45500"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}