McDonald’s Phishing Page Used to Steal Saudi Payment Data
Outline
This is a unique phishing kit in that it is a bit more targeted than usual kits. This kit specifically target McDonald’s customers located in Saudi Arabia by replicating the look and feel of the actual mobile McDonald’s app.
Testing of Phishing Page on Local Environment⌗
** You need to click Full Screen icon to view the video** (need to work on the CSS)
Telegram Exfiltration⌗
The phishing kit exfiltrates the stolen data via a Telegram bot and does not rely upon email. I’ve kept the original Telegram bot, but commented out the code in the sample.
Sample⌗
You can download a copy of the kit here.
More Research