Phishing-as-a-Service: As Simple As Uploading A Logo

Stu Sjouwerman | Oct 19, 2023

Researchers at Fortra are tracking “Strox,” one of the most popular phishing operations of the past two years. Users of Strox phishing kits can easily create phishing campaigns by simply submitting a logo for the brand they want to impersonate.

“Currently, twelve phishing kits are sold on Strox for $90 USD each. A purchase of one of these kits includes a unique API key that promises the buyer continued development and updates of the page content and antibot information,” Fortra says.

“Customers are able to view demo phishing pages before buying them for use and may customize which pages are active when an attack is live. In all available kits, phishing content auto translates its language to match the selected language of the victim’s browser. The service claims that over 230 languages are available.”

Strox kits are easy to use and highly automated, allowing users to run multiple phishing campaigns simultaneously.

“All scam kits available from Strox include a real-time admin panel which allows the phisher to control and monitor their active attacks,” the researchers write. “Logging information on the pages provides a live look at the number of people currently looking at phishing content and the actions that are being taken. This functionality is also leveraged in man-in-the-middle style attacks to obtain two-factor authentication codes and bypass additional security checks. When the threat actor is not available to monitor phishing attacks, they may opt to set phishing attacks to a dormant state. This measure may prevent pages from being detected during times when they are unproductive.”

Notably, Strox also offers to set up bulletproof hosting infrastructure for customers’ phishing campaigns for just three dollars per day.

KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Fortra has the story.
