Cyber criminals are using a previously undocumented phishing-as-a-service (PhaaS) toolkit called Caffeine to effectively scale up their attacks and distribute nefarious payloads.
“This platform has an intuitive interface and comes at a relatively low cost while providing a multitude of features and tools to its criminal clients to orchestrate and automate core elements of their phishing campaigns,” Mandiant said in a new report.
Some of the core features offered by the platform comprise the ability to craft customized phishing kits, manage redirect pages, dynamically generate URLs that host the payloads, and track the success of the campaigns.
The development comes a little over a month after Resecurity took the wraps off another PhaaS service dubbed EvilProxy that’s offered for sale on dark web criminal forums.
But unlike EvilProxy, whose operators are known to vet prospective customers before activating the subscriptions, Caffeine is notable for running an open registration process, effectively enabling anyone with an email address to sign up for the service.
images from Hacker News