Phishing Kits: The New Frontier For Hackers

Up until now, designing and implementing a successful phishing campaign required strong technical skills to go through all the phases in the lifecycle of an attack. Phishing pages typically needed to be a perfect copy of a spoofed or targeted page and modified to surreptitiously send sensitive data collected to the phisher. 

This would ordinarily require specialist web development skills, limiting the number of people that could potentially step into the role of a phisher. Now, a new and more readily accessible form of 'off-the-shelf attack', the Phishing Kit, has been detected.

Specifically, a Phishing Kit is a collection of files, already containing the code to collect users' credentials, that the hacker installs on a fake page imitating, for example, a bank or Facebook. These kits are sold to less skilled cyber criminals who then install them on the site they want to attack. This fraudulent system is dangerous, both because it allows inexperienced scammers to purchase access to complex code from a cyber criminal and because both criminal parties get access to the victim's stolen data at the time of the attack.

Phishing attacks are becoming much more frequent and the availability of Phishing Kits is only likely to make things worse.

The leading Italian firm Ermes–Cybersecurity has analysed the phenomenon and discovered that, as the Kits evolve, attackers copy and paste pieces of code from other people's Kits, adapting them to their own needs.

According to Ermes, there are very few original kits, which makes it possible to identify entire clusters of related kits. 

Analysis of this threat can lead to the identification of criminals. However, the kits are not generally recognisable by users, and special tools are needed to identify the source of the code being used. To combat these threats, Ermes has built a unique and proprietary dataset containing tens of thousands of phishing kits, which is continuously augmented by downloading phishing kits left by attackers on phishing sites that have been identified.

Ermes routinely leverages this valuable resource to conduct research and map newly discovered phishing sites to a phishing kit family for the purpose of providing customers with critical insights and intelligence. Ermes is now working on a white paper dedicated to Phishing kits, which will illuminate the problem and possible solutions in detail. 
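The code reuse described above is what makes clustering kits and mapping a new sample to a family tractable. The following is an added illustration, not Ermes' method or code: it compares files by token shingles and Jaccard similarity, and the kit names, file contents and the 0.4 threshold are all constructed assumptions.

```python
import re
from itertools import combinations

# Constructed, inert stand-ins for kit source files: each string is just a
# sequence of made-up routine names, not code from any real kit.
KITS = {
    "kit_a": "init_session load_template read_fields check_empty format_record "
             "store_record send_report clear_session redirect_home exit_page",
    "kit_b": "init_session load_template read_fields check_empty format_record "
             "store_record send_copy clear_session redirect_home exit_page",
    "kit_c": "geo_check block_list show_banner render_form parse_input "
             "encode_blob queue_upload flush_queue show_error close_page",
    "kit_d": "geo_check block_list show_banner render_form parse_input validate_input "
             "encode_blob queue_upload flush_queue show_error close_page",
}

def shingles(text, k=3):
    """Set of overlapping k-token windows; survives local edits to a copied file."""
    tokens = re.findall(r"[a-z0-9_]+", text.lower())
    return {tuple(tokens[i:i + k]) for i in range(len(tokens) - k + 1)}

def jaccard(a, b):
    """Shared shingles divided by all shingles seen in either file."""
    return len(a & b) / len(a | b) if (a or b) else 0.0

def cluster(kits, threshold=0.4):
    """Single-link clustering: kits joined by any pair at or above threshold."""
    sigs = {name: shingles(text) for name, text in kits.items()}
    parent = {name: name for name in kits}

    def find(x):
        while parent[x] != x:
            x = parent[x]
        return x

    for a, b in combinations(kits, 2):
        if jaccard(sigs[a], sigs[b]) >= threshold:
            parent[find(a)] = find(b)
    groups = {}
    for name in kits:
        groups.setdefault(find(name), []).append(name)
    return sorted(sorted(g) for g in groups.values())

def nearest_kit(sample, kits, threshold=0.4):
    """Closest known kit for a newly collected sample, or None if nothing is close."""
    sig = shingles(sample)
    name, score = max(((n, jaccard(sig, shingles(t))) for n, t in kits.items()),
                      key=lambda pair: pair[1])
    return (name if score >= threshold else None), score
```

With this constructed data, `kit_b` differs from `kit_a` by one renamed routine and still lands in the same cluster, which is the copy-and-adapt pattern the article describes.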
