1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Cloudflare cut off this phishing-as-a-service platform, so it mov

    From TechnologyDaily@1337:1/100 to All on Mon Nov 7 15:45:03 2022
    Cloudflare cut off this phishing-as-a-service platform, so it moved to Russia

    Date:
    Mon, 07 Nov 2022 15:30:40 +0000

    Description:
    Robin Banks' new hosting provider is infamous for ignoring takedown requests.

    FULL STORY ======================================================================

    Phishing-as-a-service (PhaaS) platform Robin Banks has relocated its infrastructure to a "notorious Russian provider" rarely swayed by ethics or takedown requests, after being booted from the US-based CDN provider Cloudflare in July 2022.

    Cloudflare originally took action following a report from cybersecurity
    threat research company IronNet published in the same month, but new
    follow-up research confirms that this wasn't enough to put the service on
    ice.

    Furthermore, IronNet claims that Robin Banks has seen feature updates, such
    as a "cookie stealer" that can be used to evade multi-factor authentication (MFA) checks that hope to make the service even more dangerous to potential victims. Moving to Russia

    According to IronNet's original reporting, IronNet provided threat actors
    with an easy and convenient way to try and steal sensitive data from businesses, bank customers and others keeping sensitive data.

    Among other techniques, the service could fooled users by offered fake
    landing pages for legitimate services offered by Google and Microsoft.

    Following a three-day long outage, Robin Banks' organizers relocated its front-end and back-end infrastructure to DDOS-GUARD, a popular Russian
    hosting provider thats known for supporting threat actors and ignoring takedown requests.

    The PhaaS platform has also since introduced two-factor authentication to the service, allowing kit customers to view phished information via a central graphical user interface (GUI).

    Adding insult to injury, the new cookie stealer capability is locked behind a subscription add-on service, meaning that the phishing kit's developers stand to profit even more, with no simple way of stopping them in their tracks.
    Read more

    Keep your devices safe with the best endpoint protection services right now

    New service makes it easier than ever for rookies to launch Microsoft 365
    phishing attacks


    Microsoft issues warning against dangerous new phishing campaign

    According to IronNet, the Robin Banks phishing kit relies heavily on open-source code and tools found off-the-shelf. Packaged as a service, they significantly lower the barrier to entry for anyone interested in engaging in phishing attacks.

    Phishing, a cybercrime practice in which hackers look to fish sensitive information via fake emails, landing pages, and mobile applications, is one
    of the most popular methods for stealing login and other data targeted in cases of identity theft . Here's our rundown of the best firewalls right now

    Via: The Hacker News



    ======================================================================
    Link to news story: https://www.techradar.com/news/cloudflare-cut-off-this-phishing-as-a-service-p latform-so-it-moved-to-russia/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)