SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
28 Nov 2016

Hackers advertising and selling phishing kits via YouTube with secret backdoor

Cybercrime, like any other enterprise is a business, albeit an illegal one.

Apart from targeting individuals, businesses and governments, cybercriminals also cash in by creating, using and marketing malware to other crooks. It appears however, that the age old adage of "honour among thieves" does not apply to cybercriminals these days.

Security researchers have uncovered cybercrooks advertising and distributing phishing kits, that come with how-to videos and links to additional information, to wannabe hackers via YouTube. The catch however is that the advertised kits come with a secret backdoor that sends all the phished data back to the author. According to Proofpoint security researchers, hackers using YouTube to advertise and market their malicious wares marks the beginning of a new trend. "A simple search for "paypal scama" returns over 114,000 results," researchers noted, indicating that this new trend already appears to have been propagated fairly successfully.

Researchers said, "Many of the video samples we found on YouTube have been posted for months, suggesting that YouTube does not have an automated mechanism for detection and removal of these types of videos and links. They remain a free, easy-to-use method for the authors of phishing kits and templates to advertise, demonstrate, and distribute their software."

Researchers also added that the YouTube videos came with links to templates and phishing kits. The videos themselves featured the "look and feel of the templates" and provided pointers on how to go about collecting the phished data. One such video was for an Amazon phishing template which cloned the Amazon login page. Researchers noted that this particular video also came with a Facebook link to contact the author.

Proofpoint researchers decoded a sample of a phishing template downloaded from a link provided in a similar video and discovered that the author's Gmail address was "hardcoded to receive the results of the phish every time the kit was used, regardless of who used it." Researchers warned that the concept of honour among thieves does not apply in this case "since multiple samples revealed authors including backdoors to harvest phished credentials even after new phishing actors purchased the templates for use in their own campaigns.

"The real losers in these transactions, though, are the victims who have their credentials stolen by multiple actors every time the kits are used," researchers added. It is still unclear as to how many people may have been affected by this latest phishing scam. The identity and location of the individual/individuals behind this campaign also remains unknown.

Tags:
hackers information leaks YouTube fraud
Source:
IBTimes UK
1987
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015