The latest in detection evasion and anti-browser fingerprinting: LinkenSphere

I recently acquired a license for a neat little piece of software quietly making itself known amongst the “hacker community,” calling itself LinkenSphere. We were interested in the software because it seemed to be a competitor to the infamous AntiDetect (which pales in comparison to this program, which seems actually to be valuable software) that are used to evade anti-fraud fingerprinting mechanisms and prevent carders from carrying out fraudulent transactions using stolen cards. LinkenSphere also markets itself with a uniquely “corporate” vibe, with this on their homepage: “We are pleased to present to your attention the most convenient and safe tool for professional work in the Internet.” As if this wasn’t enough, they link some of their product development threads on forums like, wwh-club, and other websites popular among the hacker community. Upon further investigation, it looks like they are using the exact same website template as my former employer, Track4, so needless to say they have good taste.

I have been monitoring the Telegram Group the developers utilize to inform their userbase of updates, new capabilities, which occur surprisingly often.

LinkenSphere, once logged in, provides both a sleek “dark and modern” GUI and a convenient way to purchase Browser Fingerprints (in the aptly named ConfigShop). These Browser Fingerprints are harvested from compromised machines (by simply grabbing the user-agent, and metadata associated with the browser) and are valuable because from a carder’s perspective, it is imperative to appear as a legitimate end-user, and what better way to do so then replicating a real end-user’s browser fingerprint? A particular “config” or Browser Fingerprint includes all sorts of data you are probably not aware your browser provides to a web application, like your WebRTC (local IP address on the subnet), your OS, screen resolution, other open tabs, etc.

The software’s extensive capabilities and configuration options underscore the extent to which browser metadata can be used to identify you and the creative capacity of criminals to devise solutions to the problems that face them. Another sweet dimension to the software (from an attacker’s perspective) is the ability to maintain multiple sessions within the interface (each tab appears as its own Virtual Machine, a functionality which AntiDetect did not provide and not for the affordable price tag of 500 USD), allowing a carder to utilize stolen credit card information from multiple individuals in multiple geographical areas simultaneously with ease.

The complexity of the software is impressive, and its development was evidently an organized effort by a talented group of developers. Mindwise will continue to monitor the development of the software to determine any possible mitigation strategies to prevent the use of the software for criminal activity. For those interested, more information can be found at

“We are pleased to present to your attention the most convenient and safe tool for professional work in the Internet.”
— LinkenSphere Developers

By | 2017-11-22T09:31:12+00:00 November 21st, 2017|offensive-security|0 Comments

About the Author:

Mindwise Architect, Security Researcher

Leave A Comment