DIY Phishing Kits Introducing New Features

May 15, 2008
Factual evidence on the emergence of individual phishing kits is starting to appear, with two more available in the wild. So what? For the time being, the lack of communication between the authors of these, or perhaps even the need to is slowing down the adoption of core features that would standardize and create a dynamic all in one phishing campaign C&C.

In the long term, however, features and customizations already adopted by ethical phishing initiatives, would become the default set of features for public, and not the proprietary kits that theoretically should act as the benchmark. As in a previous discussion on the dynamics of the malware industry and the proprietary tools within, lowering the entry barriers into phishing by releasing this applications for free, greatly benefits the more experienced phishers, as the novice market entrants would be the ones making the headlines :

"The DIY phishing kits trend started emerging around August, 2007, with the distribution of a simple kit (screenshots included), whose objective was to make it easy for a phisher already possessing the phishing page, to enter a URL where all the data would be forwarded to. Several months later, the kit went 2.0 (screenshots included) and introduced new preview, and image grabber features in order to make it easier for the phisher to obtain the images to be used in the attack. In early 2008, two more phishing kits made it in the wild, with the first once having direct FTP upload capabilities as well DIY Phishing Kit as automated updating of the latest phishing page, and the second one taking advantage of plugins under a .phish file extension."

Read the entire post - DIY phishing kits introducing new features.

About the author

Dancho Danchev is the world's leading expert in the field of cybercrime fighting and threat intelligence gathering having actively pioneered his own methodlogy for processing threat intelligence leading to a successful set of hundreas of high-quality anaysis and research articles published at the industry's leading threat intelligence blog - ZDNet's Zero Day, Dancho Danchev's Mind Streams of Information Security Knowledge and Webroot's Threat Blog with his research featured in Techmeme, ZDNet, CNN, PCWorld, SCMagazine, TheRegister, NYTimes, CNET, ComputerWorld, H+Magazine currently producing threat intelligence at the industry's leading threat intelligence blog - Dancho Danchev's - Mind Streams of Information Security Knowledge. With his research featured at RSA Europe, CyberCamp, InfoSec, GCHQ and Interpol the researcher continues to actively produce threat intelligence at the industry's leading threat intelligence blog - Dancho Danchev's - Mind Streams of Information Security Knowledge publishing a diverse set of hundreds of high-quality research analysis detailing the malicious and fraudulent activities at nation-state and malicious actors across the globe.