PayPal phishing kit added to hacked WordPress sites for full ID theft
A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos.
The kit is hosted on legitimate WordPress websites that have been hacked, which allows it to evade detection to a certain degree.
Researchers at internet technology company Akamai found the phishing kit after the threat actor planted it on their WordPress honeypot.
The researchers noticed that the author of the phishing kit made an effort to make the fraudulent page look professional and mimic the original PayPal site as much as possible.
The victim is asked to log into their PayPal account using their email address and password, which are automatically delivered to the threat actor.
Although the phishing kit appears sophisticated, the researchers discovered that its file upload feature comes with a vulnerability that could be exploited to upload a web shell and take control of the compromised website.