There is a rising trend of cybercrime sites for wannabe "crims" that make malicious hacking a point-and-click exercise. A new report describes two more sites that were discovered by security researchers.
The first is Ovidiy Stealer, found by Proofpoint, which steals passwords and is marketed on Russian-language website for 7 bucks. It's regularly updated and the sales seem to skyrocket.
The Ovidiy Stealer malware currently has several versions in the wild, targeting people around the world, including the United Kingdom, the Netherlands, India, and Russia.
Despite its low price, the malware build executables are encrypted, which make them difficult to detect and analyse. Written in .NET, the credentials stealer malware comes with the ability to target multiple applications and browsers, including Google Chrome, Opera, FileZilla, Amigo, Kometa, Torch, and Orbitum, but buyers can purchase a version that only works on a single browser.
The malware is being distributed via a number of methods, including malicious email attachments, malicious links to a download, fake software or tools offered on various file-hosting websites, and even within software packages.
Second is Hackshit, discovered by the Netskope Threat Research Labs, and is a Phishing-as-a-Service (PhaaS) platform that offers low cost, "automated solution for the beginner scammers."
This platform offers free trial accounts to test their hacking tutorials and tricks to make easy money. "The marketplace is a portal that offers services to purchase and sell for carrying out the phishing attacks," Netskope researcher Ashwin Vamshi says.
Hackshit allows wannabe hackers (subscribers) to generate their unique phishing pages for several services, including Yahoo, Facebook, and Google's Gmail. "The attacker then generates a phished page from the page/generator link and logs into the email account of the compromised victim, views all the contacts and sends an email embedded with the phished link." More at the Hacker News.
Sites Like These Are Why We Are Working On AIDA
AIDA stands for Artificial Intelligence Driven Agent and uses artificial intelligence to dynamically create integrated campaigns that send emails, text and voicemail to an employee, simulating a multi-vector social engineering attack. It attempts to have the employee either click on a phishing link, tap on a link in a text message, or respond to a voice mail – any of which could compromise your network. In short, AIDA uses Artificial Intelligence to inoculate your employees against social engineering.
See it for yourself and get a live, one-on-one demo.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://info.knowbe4.com/kmsat-request-a-demo