Robin Banks, expelled from the US, has now moved Phishing Platform as a Service (PhaaS), its infrastructure to a “notorious Russian provider” that is rarely affected or taken down by ethics. CDN Provider(Opens in a new window)Cloudflare, July 2022
Cloudflare was founded in response to a request from a customer. Report(Opens in a new window)IronNet, a cybersecurity threat research firm, published the same month but a new follow-up Research(Opens in a new window)He asserts that it was not enough to halt the service.
IronNet claims Robin Banks received feature updates that can be used by Robin Banks to evade Multi-Factor Authentication check (MFA) and that it hopes will make its service more dangerous for potential victim.
Moving to Russia
According to the IronNet original report, IronNet provided threat agents with an easy and convenient method to steal sensitive data from banks customers and businesses.
The service, among other technologies can deceive users by offering false landing pages for legitimate Microsoft and Google services.
Robin Banks organizers moved the front-end, back-end infrastructure to DDOS GUARD after a three-day hiatus. This popular Russian hosting provider is known for supporting threat actors, and ignoring takedown requests.
The PhaaS platform now offers two-factor authentication. This allows group customers to view spoofed data via a central graphical interface (GUI).
To make matters worse phishing developers can make more money by selling additional subscription services that lock the possibility of new cookies being stolen.
IronNet says Robin Banks’ phishing software heavily relies on open source code and other tools available on the market. It is offered as a service and significantly lowers the barrier to entry for anyone who is interested in engaging in phishing attack.
Phishing is a common method of stealing login information. identity theft.
Across: pirate news(Opens in a new window)
Source link
[Denial of responsibility! reporterbyte.com is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – reporterbyte.com The content will be deleted within 24 hours.]
