"Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals"
Caffeine is a previously unknown Phishing-as-a-Service (PhaaS) toolkit that is being used by cybercriminals to effectively scale up their attacks and distribute malicious payloads. According to Mandiant, this platform has an intuitive interface and a low cost while providing many features and tools to its criminal clients to orchestrate and automate core elements of their phishing campaigns. The platform's core features include creating customized phishing kits, managing redirect pages, dynamically generating URLs that host payloads, and tracking campaign success. The discovery comes just over a month after Resecurity revealed another PhaaS service called EvilProxy, which is for sale on dark web criminal forums. However, unlike EvilProxy, whose operators are known to screen prospective customers before activating subscriptions, Caffeine has an open registration process, allowing anyone with an email address to sign up for the service. This restriction-free approach eliminates the need for Caffeine to approach the actors on underground forums or require a referral from an existing user. It also allows Caffeine to rapidly expand its clientele and lower the barrier to entry. The PhaaS toolkit distinguishes itself further by providing phishing email templates for use against Chinese and Russian targets. This article continues to discuss findings regarding the Caffeine PhaaS toolkit.
THN reports "Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals"