Discover how the V3B phishing kit infiltrates 54 European banks, employing advanced tactics to exploit unsuspecting customers…

Continue reading
A sophisticated phishing kit, dubbed V3B, lately leveraged by cybercriminals to target banking customers across Europe has surfaced now.
This kit is designed to intercept sensitive information such as credentials and OTP codes. Utilizing the Phishing-as-a-Service (PhaaS) model, V3B is available for both subscription and self-hosting.
The V3B phishing kit is provided through a PhaaS model, priced between $130 and $450 per month. This model democratizes access to sophisticated phishing tools, allowing less skilled criminals to execute complex attacks.
The V3B kit offers several advanced features:
Resecurity's analysis identified the following banks targeted by the V3B phishing kit:
The V3B phishing kit uses heavily obfuscated JavaScript to prevent detection and reverse engineering. This obfuscation involves:
(function(_0x1234, _0x5678){
var _0x9abc = function(_0xdef0){
while(--_0xdef0){
_0x1234['push'](_0x1234['shift']());
}
};
_0x9abc(++_0x5678);
}(_0x5f1b, 0xa3));
var _0x4f2d = function(_0x1245, _0x6789){
_0x1245 = _0x1245 - 0x0;
var _0xabcd = _0x5f1b[_0x1245];
return _0xabcd;
};The phishing kit includes localized templates to mimic the authentication processes of targeted banks.
Each template is professionally translated, increasing the credibility and effectiveness of phishing attacks.
The kit supports multiple authentication bypass methods, including:
Cybercriminals using the V3B kit employ various social engineering techniques to trick victims into revealing sensitive information. These include:
Some actors also engage in SIM swapping to intercept OTPs sent via SMS. This method involves transferring the victim's phone number to a new SIM card controlled by the attacker.
The V3B phishing kit has resulted in substantial financial losses for European banking customers. The sophisticated features and real-time interaction capabilities make it a formidable tool in the hands of cybercriminals. Resecurity estimates that millions of euros have been stolen through these phishing campaigns.
Resecurity has identified several IOCs associated with the V3B phishing kit. These include MD5 hashes and domain names used in phishing campaigns.
Banks should actively monitor the dark web for emerging threats like the V3B phishing kit. Proactive intelligence collection can help in identifying and mitigating risks before they cause significant damage.
Implementing multi-factor authentication (MFA) methods that go beyond SMS-based OTPs can help in reducing the effectiveness of phishing attacks. Banks should consider using hardware tokens or biometric verification.
Regular training programs should be conducted to educate employees about the latest phishing techniques and how to identify suspicious activities. Awareness is a critical component in defending against social engineering attacks.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation