Simple Update Profile - Phishing Kit Type
#SimpleUpdateProfile #PhishingKitType #phishing #phishingkit
@m1crome1t documented a phishing kit that is very simple and contains 3 files, looks like it was scraped from Chase website and slightly modified
folder structure
\index.php
\login.php (contains the #threatactoremail)
\update.profile.php
example 1:
md5 42f82bb8504f8177d4b36a74dbab4d7c
https://www.virustotal.com/#/file/a2d3e28f6c4ebf7630790f4ab3384a70ee8516a92a9073a43d16f0d5d5992e9e/details
hxxp://niloson.hopto[.]org/cpa/chasep/
References
https://twitter.com/m1crome1t/status/1133112772546486275
@m1crome1t documented a phishing kit that is very simple and contains 3 files, looks like it was scraped from Chase website and slightly modified
folder structure
\index.php
\login.php (contains the #threatactoremail)
\update.profile.php
example 1:
md5 42f82bb8504f8177d4b36a74dbab4d7c
https://www.virustotal.com/#/file/a2d3e28f6c4ebf7630790f4ab3384a70ee8516a92a9073a43d16f0d5d5992e9e/details
hxxp://niloson.hopto[.]org/cpa/chasep/
References
https://twitter.com/m1crome1t/status/1133112772546486275
Comments
Post a Comment