October 1, 2024 at 03:45AM
Over 140,000 phishing websites linked to Sniper Dz, a phishing-as-a-service (PhaaS) platform, have been discovered. It offers free services, drawing in cybercriminals, while also collecting stolen credentials. Aspiring threat actors can easily mount phishing attacks through PhaaS platforms such as Sniper Dz. The platform operates openly and has been observed targeting U.S. web users with its phishing pages. Additionally, attackers are utilizing web pages to distribute phishing emails and exploiting security flaws to propagate malware.
The PhaaS platform named Sniper Dz is a significant concern in the cybersecurity landscape. It has been linked to over 140,000 phishing websites and is used by numerous cybercriminals to conduct credential theft. Notably, the platform provides a range of services for free, making it appealing to aspiring threat actors with little technical expertise.
The platform operates a Telegram channel with a substantial number of subscribers and utilizes tactics to cover up its activity, including enabling an auto-delete option for posts. It is also accessible on the clearnet and offers ready-to-use scam templates for various popular online platforms in multiple languages.
Additionally, it provides tools to host phishing pages on its own infrastructure and offers ways to conceal these pages behind legitimate proxy servers. Sniper Dz has been observed targeting web users in the U.S., leading to a surge in phishing activities. There are also reports of attackers abusing web pages connected to backend SMTP infrastructure, such as account creation form pages, to bypass spam filters and distribute phishing emails.
Moreover, a new email phishing campaign has been discovered, leveraging a fileless variant of Remcos RAT by exploiting a known security flaw in Microsoft Excel. This demonstrates an ongoing evolution in cyber threats, emphasizing the importance of maintaining robust security measures and staying informed about emerging tactics utilized by threat actors.