Phishing Kits: An Interactive Deep Dive: https://flare.io/learn/resources/blog/phishing-kits-an-interactive-deepdive/

#phishingkit

BlackForce – das Phishing‑Kit, das MFA-Systeme ausspielt

Seit seiner ersten Beobachtung im August 2025 habe sich das Phishing‑Toolkit BlackForce schnell zu einem gefürchteten Werkzeug für Cyberkriminelle entwickelt, berichtet Zscaler ThreatLabz. Das Besondere: Es kombiniere klassischen Credential‑Diebstahl mit Man‑in‑the‑Browser‑Techniken...

Mehr: https://maniabel.work/archiv/796

#PhishingKit #BlackForce #CredentialDiebstahl #MITB #Trojaner #JavaScript #infosec #infosecnews #BeDiS

GhostFrame – Das unsichtbare Phishing‑Kit

Bereits im September 2025 entdeckte Barracuda das Phishing‑Toolkit GhostFrame, das seitdem in über einer Million verdeckten Angriffen eingesetzt worden sein soll. Anders als herkömmliche Phishing‑Methoden verstecke das Kit seine Schadfunktion hinter einer scheinbar harmlosen HTML‑Datei, welche ein verstecktes iframe enthalte.

Mehr: https://maniabel.work/archiv/791

#GhostFrame #Phishing #PhishingKit #html #infosec #infosecnews

Neu auf dem CyberCrime-Markt: SpiderMan-Phishing-Kit

Das neue Phishing‑Kit Spiderman habe die Cyberkriminellen‑Szene erobert, da es selbst technisch wenig versierten Angreifern das Ausspähen von Bank‑ und Krypto‑Konten ermöglicht, berichtet VARONIS. Der Name sei Programm: Wie ein Spinnennetz verknüpfe das Toolkit zahlreiche europäische Banken und Finanzdienste zu einem einzigen Angriffspunkt.

Mehr: https://maniabel.work/archiv/761

#PhishingKit #Phishing #Spiderman #Crypto #infosec #infosecnews #BeDiS

🪝🚨 New ‘Spiderman’ phishing kit makes it trivial to clone major EU bank logins and steal credentials and OTPs in real time. If you get unexpected bank‑login links, double‑check before typing anything.

Read: https://hackread.com/spiderman-phishing-kit-european-banks-credential-theft/

#Phishing #Cybersecurity #BankFraud #Spiderman #PhishingKit

Watch out: The new #Salty2FA phishing kit bypasses MFA and clones real brand login pages, making fake sites look convincing and harder to detect.

Read: https://hackread.com/salty2fa-phishing-kit-bypasses-mfa-clone-login-pages/

#CyberSecurity #Phishing #Scam #CyberCrime #PhishingKit

Anatomy of a Phishing Kit

Phishing is a profitable industry: low cost, low risk, high reward. In fact, there’s more phishing “enabling technology” than there are barriers to entry. The resources that one needs to conduct phishing attacks are easily acquired using search engines or AI agents, are rolled up into “kits”, or are offered as services. In Part 1 of a series, we’ll look at phishing kits.

https://interisle.substack.com/p/anatomy-of-a-phishing-kit

#phishing #phishingkit #cybercrime #fraud

A lot of work has been done here   

https://www.mnemonic.io/resources/blog/exposing-darcula-a-rare-look-behind-the-scenes-of-a-global-phishing-as-a-service-operation/

#smishing
#phishing
#magiccat
#phishingkit
#sms
#rcs
#dracula

We published a blog yesterday about a PhaaS and phishing kit that employs DoH and DNS MX records to dynamically serve personalized phishing content. It also uses adtech infrastructure to bypass email security and sends stolen credentials to various data collection spaces, such as Telegram, Discord, and email. https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/

#dns #doh #mx #adtech #obfuscation #phaas #phishing #phishingkit #threatintel #cybercrime #threatintelligence #cybersecurity #infoblox #infobloxthreatintel #infosec #wordpress #spam #telegram #discord #morphingmeerkat

🎣 Ledger #phishingkit abusing formsubmit.co services as a vector for exfiltrating stolen data.

💡 Note that this email address is fixed in a piece of code, more or less hidden ➡️ backdoored kit.

#Phishing kit detected/analyzed by https://www.StalkPhish.io