Jump to content
  • This dangerous new hacker tool makes phishing worryingly easy

    aum

    • 372 views
    • 2 minutes
     Share


    • 372 views
    • 2 minutes

    Setting up phishing campaigns for Microsoft 365 has become a relatively straightforward process due to a phishing-as-a-service (PhaaS) platform named Caffeine.

     

    As reported by Bleeping Computer, the service offers a way for cybercriminals to target individuals in order to obtain access to their Microsoft 365 accounts.

     

    Researchers from cybersecurity company Mandiant released a report on Caffeine after uncovering it recently. They discovered the service following an investigation into a phishing campaign derived from Caffeine, which saw threat actors focusing Caffeine’s efforts on one of the firm’s clients.

     

    Unlike other platforms, anyone interested can access Caffeine without the requirement of invites or referrals. Another trait that is common among such services is receiving approval from an admin on a Telegram group or hacking forum. However, this screening process is also not needed by Caffeine.

     

    Although the majority of PhaaS platforms target western regions, the phishing templates for Caffeine in particular revolve around both Russian and Chinese platforms.

     

    After a threat actor has created their account, they gain access to the Caffeine Store, a central hub featuring tools for setting up phishing campaigns. Of course, the service isn’t offered for free. A subscription license is priced at $250 per month, while the more premium options cost $450 (three months) and $850 (six months).

     

    caffeine-phishing-platform.jpg?fit=720,3

    Image source: Mandiant/Bleeping Computer

     

    The aforementioned prices are around three to five times higher than an average PhaaS subscription. That said, it delivers both anti-detection and anti-analysis systems, in addition to customer support.

     

    Once the phishing campaign has been set up, the phishing kit itself — a Microsoft 365 login page — is launched, after which a phishing template has to be selected. A Python or PHP-based email management utility are other convenient tools that are also offered to distribute phishing emails to targets.

     

    Mandiant has detailed how to detect phishing emails from Caffeine, but the fact remains that when additional templates are added to Caffeine, it’ll become an even more attractive platform for setting up phishing campaigns. When factoring in the automated aspect of the service, newcomers to PhaaS can launch their cyber attacks with ease.

     

    Scammers have previously attempted to send out fake Microsoft Office USB sticks to infect a target’s system with ransomware.

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...