As phishing attacks become more sophisticated and popular, we take a closer look at an automated phishing tool that was posted on a recently revived dark web marketplace.
We found a post on AlphaBay in which a dark web vendor offers an automated phishing tool with ready-made phishing pages of large companies, including PayPal, Facebook, eBay, Instagram and others. The kit (see image below) is automated, and its ready-to-use phishing pages are very easy to operate.
In the post, the threat actor claims that every phishing page can be up and running within 10 minutes. This exceptionally short setup allows threat actors who purchase this tool to create a large number of pages with very little effort in a short span of time.
These pages, which often have a nearly identical web page design to the genuine website, are used for stealing user credentials. This can either lead to fraud or, worse, enable threat actors to access an organization’s systems and launch cyber attacks.
The story behind AlphaBay, the marketplace that offered this automated phishing tool, is also interesting. AlphaBay first emerged in 2014 and quickly became the largest darknet market. The market’s transactions exceeded $1 billion in cryptocurrency, and it sold illegal drugs, chemicals, counterfeit goods, malware and firearms. It was taken down by law enforcement years later, in 2017.
AlphaBay had two administrators: Alexander Cazes, a Canadian citizen using the online alias Alpha02/Admin, who was arrested and later died in a Thai prison, and DeSnake, who has never been caught by the police.
Over the years, we kept crawling posts written by DeSnake, the co-founder who remained active on the dark web. Several months ago, DeSnake announced on a hacker forum that the AlphaBay market had reopened and was ready for business. In his statement, DeSnake describes the marketplace as a “professionally-run, anonymous, secure marketplace.”
The dark web marketplace has grown quickly since it reopened several months ago and now hosts 10K product listings under various categories: drugs, hacking, carding, fraud and more.