The Microsoft security team announced that they have discovered a massive e-fishing business using a Phishing-as-a-Service (PHaaS) model.
In the circles of hackers, service is known as BulletProofLink, BulletProftLink or Anthrax and is currently being promoted underground Forums.
The service is an evolution of "phishing kits", which are collections of pages and e-fishing templates that mimic the connection forms of well-known companies.
But BulletProofLink takes phishing to a whole new level, providing additional built-in hosting and email services.
Customers who sign up for the BulletProofLink portal pay a fee of $ 800 and BulletProofLink administrators do everything else for them.
Αυτές οι υπηρεσίες περιλαμβάνουν τη δημιουργία μιας ιστοσελίδας ηλεκτρονικού “ψαρέματος”, την εγκατάσταση προτύπου ηλεκτρονικού “ψαρέματος”, τη διαμόρφωση του domain (διευθύνσεις URL) για τους phishing ιστότοπους, την αποστολή πραγματικών messages ηλεκτρονικού ψαρέματος στα επιθυμητά θύματα, τη συλλογή διαπιστευτηρίων από τις επιθέσεις και, στη συνέχεια, την delivery of stolen data to "customers" at the end of each week.
If customers want to diversify their e-fishing standards, the BulletProofLink gang also has a separate store offering new standards, with prices ranging from $ 80 to $ 100 per standard.
About 120 different e-fishing standards are currently hosted. In addition, the site hosts tutorials to help customers use the service.
Microsoft describes the service as technically advanced, and the team behind it often uses compromised websites to host phishing pages.
The BulletProofLink gang has sometimes been observed to infringe on the DNS records of infringed sites in order to create subdomains on trusted sites for hosting phishing pages.
"In the e-Fishing Attack investigation, we came across a campaign that uses a fairly large volume of newly created and unique subdomains - over 300.000 for a single run." he says Microsoft, highlighting the huge scale of BulletProofLink PHaaS.
