Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
A new phishing kit known as ‘V3B’ is being promoted on Telegram by cybercriminals. It aims to trick clients of 54 significant financial institutions in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy.
Priced between $130 and $450 per month depending on what is purchased, the phishing kit features advanced obfuscation, localization options, OTP/TAN/2FA support, live chat with victims, and other evasion mechanisms.
Cybersecurity researchers who stumbled upon V3B claim that there are more than 1,250 subscribers in its Telegram group, suggesting that the new phishing-as-a-service (PhaaS) platform is gaining popularity among cybercriminals.
The Features of V3B
To guard against researchers and avoid detection by anti-phishing and search engine bots, V3B employs highly obfuscated JavaScript code on top of a customised content management system.
It includes professionally translated pages in languages such as French, Italian, German, Polish, and Finnish to enhance the effectiveness of the phishing attacks, allowing threat actors to run campaigns across multiple countries.
The kit may intercept credit card information and credentials as well as information from bank accounts. It is made to function on both desktop and mobile platforms.
Furthermore, fraudsters can communicate with victims in real-time through a chat system on the admin panel (uPanel) by providing personalised notifications in order to get one-time passwords (OTPs).
The stolen information is then transmitted back to the cybercriminals through the Telegram API. One alternative for a real-time interaction trigger is the QR code login jacking function, which lets hackers create QR codes for phishing pages by using the victim’s erroneous perception of authenticity due to their experience with reliable services.
The V3B kit also features support for PhotoTAN and Smart ID, used to bypass advanced authentication technologies used by Swiss and German banks.
With phishing kits, even low-skilled threat actors can launch highly damaging attacks against unsuspecting bank customers.
If you liked this piece, you can find more on the blog. Follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
