• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

DEV-1101 Updates Open Source Phishing Kit

You are here: Home / General Cyber Security News / DEV-1101 Updates Open Source Phishing Kit
March 14, 2023

The danger actor recognised as DEV-1101 has been noticed establishing and promotion a new adversary-in-the-middle (AiTM) open source phishing package.

The Microsoft Threat Intelligence workforce shared the findings in an advisory revealed on Monday, conveying the kit can automate the setup and start of phishing action and present support for attackers.

“The risk actor team commenced offering their AiTM phishing kit in 2022, and considering the fact that then has made many enhancements to their kit,” reads the Microsoft advisory.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


These consist of the functionality to manage strategies from mobile equipment and evasion capabilities like the bypass of CAPTCHA webpages.

In accordance to a blog site submit noticed by Microsoft on a cyber forum in May well 2022, the DEV-1101 package is prepared in NodeJS with PHP reverse-proxy capabilities, automated set up and detection evasion by an antibot databases.

It also options phishing management action through Telegram bots, as perfectly as many ready-built phishing webpages impersonating solutions like Microsoft Office or Outlook.

Study far more on Telegram bots right here: Telegram Bot Abuse For Phishing Enhanced By 800% in 2022

“On June 12 2022, DEV-1101 declared that the package would be open supply with a $100 regular licensing cost,” Microsoft wrote. “The actor also delivered one-way links to extra Telegram channels and a now-defunct GitHub webpage.”

Months later on, DEV-1101 then upgraded the package yet again to contain the capability to take care of servers by way of a Telegram bot alternatively of cPanel.

“DEV-1101 was in a position to maximize the rate of their resource multiple occasions owing to the quick expansion of their user base from July by means of December 2022,” Microsoft defined. “As of this creating, DEV-1101 delivers their tool for $300, with VIP licenses at $1,000. Legacy buyers ended up permitted to carry on getting licenses at $200 prior to January 1 2023.”

The tech large included that it noticed quite a few danger actors conducting significant-scale phishing strategies (tens of millions of phishing emails per day) utilizing the resource supplied by DEV-1101.

Also in phishing-linked news, cybersecurity scientists at Cyble not long ago warned of several new Windows and Android phishing campaigns relying on ChatGPT for malware distribution.


Some elements of this short article are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News CISA Creates New Ransomware Vulnerability Warning Program
Next Post: YoroTrooper Espionage Campaigns Target CIS, EU Countries Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet
  • Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies
  • Fifth of Execs Admit Security Flaws Cost Them New Biz
  • Online Safety Bill: Why is Ofcom being thrown under the bus?

Copyright © TheCyberSecurity.News, All Rights Reserved.