"NakedPages Phishing Toolkit is Now Available on Cybercrime Forums"

Cybersecurity researchers at CloudSEK have discovered a new sophisticated phishing toolkit for sale across several cybercrime forums and Telegram channels.  The researchers dubbed the toolkit "NakedPages." The toolkit was developed using NodeJS Framework, runs JavaScript code, is fully automated, and comes preloaded with over 50 phishing templates and site projects.  One post on the cybercrime forum, viewed by the researchers, stated, "NakedPages is the phishing tool any serious developer/spammer needs with more features than any other reverse proxy combined or PHP phishing framework combined." The researchers stated that NakedPages is designed to work on Linux and asks for read, write, and execute permissions from the 'user' and further requests for read and execute permissions from both 'group' and 'others' in order to work.  The toolkit also reportedly features fully-integrated and battle-based anti-bot functionalities, capable of detecting bots of different types from over 120 countries.  Regarding the threat actor behind the new phishing toolkit, the researchers stated that it is a new user on GitHub and the cybercrime forum, with both accounts being less than a month old.

Infosecurity reports: "NakedPages Phishing Toolkit is Now Available on Cybercrime Forums"