Phishing actors were seen selling a new sophisticated toolkit called NakedPages on underground marketplaces, allegedly effective against large-scale companies. Aside from being found on the dark web forums, the NakedPages toolkit is also promoted by its operators on some malicious Telegram channels.
Originally designed for the Linux OS, the new phishing toolkit requests reading, writing, and executing permissions from its operators, including from an individual user, group, and others. NakedPages is also a fully-automated kit with over 50 preloaded phishing templates and site projects for its buyers.
Moreover, the new phishing toolkit has an anti-bot function that is fully integrated and battle-based, allowing it to detect unwanted bots from across 120 countries worldwide. Its operators could also receive results, decipher responses, install cookies, and filter users via jsconfig[.]json.
The emergence of the NakedPages toolkit shows the widespread use of phishing kits among financially motivated threat operators in the cybercrime landscape, which aids them in deploying effective phishing sites despite their skills.
Over a thousand Man-in-the-Middle phishing toolkits were discovered last January and sold by cybercriminals on dark web forums. These toolkits are utilised in extensive phishing campaigns that masquerade major corporations under different sectors, such as banking, e-commerce, retailers, and other online services, to phish for people’s data.
Aside from targeting the mentioned sectors, phishing actors were also seen utilising the toolkits against the cryptocurrency landscape, with researchers observing an uptick in its use to steal digital coins and collect credentials from various crypto wallets and websites.
For instance, security researchers have found another toolkit dubbed ‘BulletProfitLink’ used by cybercriminals to steal crypto-related assets, allowing them to copy several cryptocurrency companies to trick their victims. The BulletProfitLink toolkit could also imitate NFT (non-fungible tokens) and other digital currency wallet providers.
Cybercriminal groups, especially those who practice phishing campaigns, have been finding phishing toolkits helpful in deploying their malicious activities to steal from victims. Furthermore, since using these kits could be straightforward despite skill level, it has become more rampant within the cybercrime world.
Thus, everyone who has been utilising the web must be extra cautious in navigating cyberspace and avoid giving away credentials on suspicious sites that could lead to their data being compromised.
