Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

This is a good Phish


  • Please log in to reply
3 replies to this topic

#1 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:05:50 AM

Posted 10 April 2017 - 04:55 PM

I must say i was impressed by this phishing website hey, i have seen a few of these coming in early ready for tax time mid year!.

http://urlquery.net/report.php?id=1491859576262



BC AdBot (Login to Remove)

 


#2 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,236 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:05:50 AM

Posted 10 April 2017 - 05:53 PM

It's really well done.

 

We've been seeing a lot of spoofed ASIC emails also, extremely well crafted. We had to create custom rules especially for them.



#3 Just_One_Question

Just_One_Question

  • Members
  • 1,400 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:50 PM

Posted 10 April 2017 - 07:30 PM

If you are this good a coder, why bother being an outlaw, lol? I mean, you can surely land a job at Facebook, Apple, you name it...
It's probably a psychological decision, an affinity to crime, I guess.

#4 JohnnyJammer

JohnnyJammer
  • Topic Starter

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:05:50 AM

Posted 11 April 2017 - 06:33 PM

If you are this good a coder, why bother being an outlaw, lol? I mean, you can surely land a job at Facebook, Apple, you name it...
It's probably a psychological decision, an affinity to crime, I guess.

The reason is, if you can obtain a users credentials for their domain then this gives you a lot of power.

 

This could give you VPN access, allow you to remote in and token sniff/inject, send emails with out the need to spoof and get someone to run your crypt0/malware which in the long term might generate you some thousands of $'s for ransomware.

Once you get a user credentials you also get their contact list to send even more emails.

 

You need to remember that if you got some CEO or a Director of a company's username/pass then they are more likely to have higher NTFS permissions on a domain which widens the attack and crtyp of files (Makes people more desperate to pay).

 

The list could go on & on mate, all i would need is a username and password for a basic user to start causing havoc in a network. You can make 10 tiems the amount being the bad guy because you can automate infections and demand payment instead of sitting their writing applications for a company who doesnt pay well.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users