Security News > 2024 > June > New V3B phishing kit targets customers of 54 European banks
Cybercriminals are promoting a new phishing kit named 'V3B' on Telegram, which currently targets customers of 54 major financial institutes in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy.
The phishing kit, priced between $130-$450 per month depending on what is purchased, features advanced obfuscation, localization options, OTP/TAN/2FA support, live chat with victims, and various evasion mechanisms.
Stolen information is transmitted back to the cybercriminals through the Telegram API. Among the real-time interaction trigger options, there is a QR code login jacking feature that enables cybercriminals to generate QR codes for phishing pages, taking advantage of a false sense of legitimacy stemming from the victim's familiarity with trusted services using that method.
Another notable feature of the V3B kit is support for PhotoTAN and Smart ID to bypass advanced authentication technologies that German and Swiss banks widely use.
Phishing kits are key enablers of cybercrime, allowing low-skilled threat actors to launch highly damaging attacks against unsuspecting bank customers.
At the time of its bust, LabHost had 10,000 users worldwide, launching phishing attacks through 40,000 domains.