Phishing Kits: The New Frontier For Hackers

Uploaded on 2023-04-06 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

Up until now, designing and implementing a successful phishing campaign required strong technical skills to go through all the phases in the lifecycle of an attack. Phishing pages typically needed to be a perfect copy of a spoofed or targeted page and modified to surreptitiously send sensitive data collected to the phisher. 

This would ordinarily require specialist web development skills, limiting the number of people that could potentially step into the role of a phisher. Now, a new and more readily accessible form of 'off-the-shelf attack', the Phishing Kit, has been detected.

Specifically, a Phishing Kit consists of a collection of files that the hacker installs on a fake page that imitates, for example, a bank or Facebook, which already contains the code to collect credentials of users. These kits are sold to less skilled cyber criminals who then install them on the site they want to attack. This fraudulent system is dangerous, both because it allows inexperienced scammers to purchase access to complex code from a cyber criminal and because both criminal parties get access the victim's stolen data at the time of the attack.

Phishing attacks are becoming much more frequent and the availability of Phishing Kits is only likely to make things worse.

The leading Italian firm Ermes–Cybersecurity has analysed the phenomenon and discovered that, in the evolution of creating the Kits, attackers copy and paste pieces of code from other people's Kits, adapting them to their own needs.

According to Ermes, there are very few original kits, which makes it possible to identify entire clusters of related kits. 

Analysis of this threat can lead to the identification of criminals, however, the kits are not generally recognisable by users, and special tools are needed to identify the source of the code being used. To combat these threats, Ermes has built a unique and proprietary dataset containing tens of thousands of phishing kits, which are continuously augmented by downloading phishing kits left by attackers on phishing sites that have been identified.

Ermes routinely leverages this valuable resource to conduct research and map newly discovered phishing sites to a phishing kit family for the purpose of providing customers with critical insights and intelligence. Ermes is now working on a white paper dedicated to Phishing kits, which will illuminate the problem and possible solutions in detail. 

You Might Also Read:

The Dark Side Of AI:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Skills Gap Is Increasing Risk & Exposure To Attack
Law Enforcement Agencies Shut Down Genesis Market »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Thinklogical

Thinklogical

Thinklogical manufactures secure, KVM, video, audio, and computer peripheral signal switching solutions for defence C4ISR applications.

Industrial Networking Solutions (INS)

Industrial Networking Solutions (INS)

INS Services specializes in designing, deploying and providing on-going support for critical OT (Operational Technology) and IIoT (Industrial Internet of Things) networks.

Shift Technology

Shift Technology

Shift Technology provides insurance companies with an innovative SaaS solution to improve and scale fraud detection.

TruNarrative

TruNarrative

TruNarrative provides a unified solution for Identity Verification, Fraud Detection, eKYC, Risk Assessment, AML Compliance and Account Monitoring.

IdentityIQ

IdentityIQ

IdentityIQ is a US-based identity theft and credit protection company designed to help users stay on top identity thieves and data breaches.

Stefanini Group

Stefanini Group

Stefanini is a global IT services company providing a broad range of solutions for digital transformation including automation, cloud, IoT and cybersecurity.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

Delinea

Delinea

Delinea is a leading provider of cloud-ready privileged access management (PAM) solutions that empower cybersecurity for the modern, hybrid enterprise.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Amazon Web Services is the world’s most comprehensive and broadly adopted cloud platform, offering fully featured services from data centers globally.

Mondoo

Mondoo

Mondoo is a powerful security, compliance, and asset inventory tool that helps businesses identify vulnerabilities, track lost assets, and ensure policy compliance across their entire infrastructure.

Transatlantic Cyber Security Business Network

Transatlantic Cyber Security Business Network

The Transatlantic Cyber Security Business Network is a coalition of UK and US cyber security companies which facilitates collaboration to help address critical cyber security challenges.

Cyber Proud

Cyber Proud

Cyber proud is leading a talent revolution to promote and create an inclusive skilled cyber workforce.

ECIT

ECIT

ECIT is your preferred provider of finance and IT services. We believe in the value of combining financial and IT services to streamline and improve the operation of your business.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

Getvisibility

Getvisibility

Getvisibility enables customers to detect, classify and protect sensitive information increasing data security, governance, compliance and lowering the risk of losing valuable data.

Oxford Information Labs (OXIL)

Oxford Information Labs (OXIL)

Oxford Information Labs brings together world-class software programmers and policy experts to provide a unique mix of expertise and hands on technical solutions.