Security News > 2024 > July > This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service offerings to the next level.
The phishing kit is priced anywhere between $150 and $900 a month, whereas the bundle including the phishing kit and Android malware is available on a subscription basis for about $500 per month.
"Unlike typical phishing developers, the GXC Team combined phishing kits together with an SMS OTP stealer malware pivoting a typical phishing attack scenario in a slightly new direction," security researchers Anton Ushakov and Martijn van den Berk said in a Thursday report.
Phishing kits, which also come with adversary-in-the-middle capabilities, have become increasingly popular as they lower the technical barrier to entry for pulling off phishing campaigns at scale.
What's more, such AiTM phishing kits can also be used to break into accounts protected by passkeys on various online platforms by means of what's called an authentication method redaction attack, which takes advantage of the fact that these services still offer a less-secure authentication method as a fallback mechanism even when passkeys have been configured.
The disclosure comes amid a recent surge in phishing campaigns embedding URLs that are already encoded using security tools such as Secure Email Gateways in an attempt to mask phishing links and evade scanning, according to Barracuda Networks and Cofense.
News URL
https://thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html
Related news
- OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation (source)
- AI and deepfakes fuel phishing scams, making detection harder (source)
- Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage (source)
- Google launches on-device AI to alert Android users of scam calls in real-time (source)