Summary: This article discusses the cost of a phishing-as-a-service platform and how cybercriminals are targeting European banking clients with this method.
Threat Actor: Cybercriminals | Cybercriminals
Victim: European banking clients | European banking clients
Key Point :
- Cybercriminals are using a phishing-as-a-service platform to target European banking clients.
- The cost of this platform ranges from $130 to $450 per month.
- The phishing kit used by the cybercriminals allows them to impersonate more than 50 banks in Europe.
Cybercrime
,
Fraud Management & Cybercrime
,
Social Engineering
Cost of Phishing-as-a-Service Platform Ranges From $130 to $450 per Month
Cybercriminals are targeting European banking clients with a phishing-as-a-service platform that retails for between $130 and $450 per month and allows fraudsters to bypass multifactor authentication.
Resecurity researchers found a phishing kit they named V3B that has been operational since March 2023 and that allows fraudsters to mimic more than 50 financial institutions across the continent.
The phishing kit’s retail price depends on the modules and supported banks included. It enables fraudsters to employ social engineering and spoofing tactics to trick victims into revealing sensitive information in order to intercept banking credentials and credit card details.
A threat actor named “Vssrtje” promotes the kit on Telegram and dark web communities. Researchers estimate hundreds of cybercriminals use this kit, resulting in significant financial losses for European banking customers. The Telegram channel associated with this group has over 1,255 members.
The V3B phishing kit is designed to evade detection and supports real-time interaction to bypass MFA. In addition to traditional tokens such as SMS codes, it handles QR Codes and PhotoTAN methods. PhotoTAN is a second-factor authentication app common in Germany and Switzerland that provides transaction authentication numbers by scanning pixelated graphics.
The kit also includes advanced obfuscation techniques and anti-bot measures to avoid detection.
In addition to targeting banks, the V3B kit supports the interception of credit card data. Recently, developers released a module to support International Card Services with templates in Dutch.
The kit’s features include multicountry targeting, encrypted code, mobile and desktop interfaces, and live chat with victims.
VB3 uses the Telegram API to transmit intercepted payment data to fraudsters, alerting them to successful attacks. This allows attackers to initiate specific actions from the victim, such as asking for login details, SMS/OTP codes and credit card information.
Phishing attacks have caused substantial financial losses globally, and the European Union has been particularly vulnerable due to its significant economy and mature financial system.
Source: https://www.bankinfosecurity.com/phishing-kit-targets-european-banks-bypasses-mfa-a-25395
“An interesting youtube video that may be related to the article above”