menu

X-SniPer Chase Phishing Kit Targets Fullz for Account Takeover

2021-09-06 :: Luke
#ElZero  #X-SniPer  #H-5573  #fullz  #SIM swap  #phishing kit  #phishing  #fraud  #PHP  X-SniPer Chase Phishing Kit Targets Fullz for Account Takeover
X-SniPer phishing kit even tries to steal the victim’s mobile phone carrier PIN to perform a SIM swap attack to “bypass” 2FA.
Read more →

restore-metamask.com Used to Steal Entire Crypto Wallets

2021-07-30 :: Luke
#restore-metamask.com  #crypto  #phishing  #fraud  #PHP  #JavaScript  restore-metamask.com Used to Steal Entire Crypto Wallets
The malicious domain restore-metamask.com was used to steal existing crypto wallets of metamask.io users. It also allowed new wallets to be created and cryptocurrencies deposited to the new wallet, but it would ultimately go to the attackers.
Read more →

Spoofed 404s

2021-07-12 :: Luke
#http_response_code  #404  #evasion  #fake  #PHP  #website malware  Spoofed 404s
Should you trust the HTTP response code when analyzing access logs for suspicious traffic?
Read more →

MAGECART GROUP 12: toolser.pw skimmer

2021-06-28 :: Luke
#MAGECART GROUP 12  #toolser.pw  #pathc.space  #skimmer  #ecommerce  #magento  #PHP  #website malware  MAGECART GROUP 12: toolser.pw skimmer
This PHP code injection is used to selectively inject the JavaScript skimmer that is loaded from toolser.pw (recently had been using pathc.space).
Read more →

WordPress Injection Exfiltrates Admin Login

2021-06-09 :: Luke
#php backdoor  #login stealer  #$ccc_url  #wordpress  #PHP  #website malware  WordPress Injection Exfiltrates Admin Login
wp-login.php injection silently exfiltrates a victim’s username and password back to the attacker’s server.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.