The existence of phishing and Trojan creation kits is not newsworthy. There are many. This one that we present is characterized by having a "special" interface that facilitates the creation of false pages of different entities.Usually, phishing kits facilitate the management of three parts:
The replica of the web page that pretends to be simulated. This consists in turn of HTML pages, JavaScript, etc. that are usually hung on any server and the user must be encouraged to visit it. It is very easy to obtain since it is worth "downloading" with some program the legitimate web. The logic of password theft. It is usually a PHP program that either sends the form passwords by email, or stores them in a file on the server itself and the attacker will get them from there later. They are usually just a few very simple lines of code. In the kit, it leaves everything ready so that the user only has to modify the address to which he wants the stolen passwords to go. An email that, with any excuse, invites the user to visit the simulated website. It usually contains a logo and will be sent in bulk to thousands of email accounts. Specific programs are usually used for the mass sending of emails or programs also in PHP that take advantage of the mail engine of third-party pages. This kit compiles these three elements for a good number of banks and Internet entities: From Youtube, Gmail, or Facebook, to Banamex, Cajamadrid... through eBay and MegaUpload.This copy is, technically, extremely simple, in addition to simplifying the user's task of creating phishing. But the author has wanted to give it a point of unnecessary (and even naïve) complexity to give it a professionalism that it lacks.
Even so, the case can serve to raise awareness about how simple it is for anyone to obtain the necessary infrastructure to mount a scam of this type on the Internet.
Source: Hispasec
Leave your comment