Cloud-based phishing kit hacks the hackers

Security firm Imperva has uncovered a new, automated, cloud-based phishing kit.

Security firm Imperva has uncovered a new, automated, cloud-based phishing kit.

Unlike traditional phishing kits, which have been available for years, this new approach lives in the cloud and relies on hackers exploiting other hackers.

Two master hackers wrote and then posted a phishing kit into hacker forums, but any hacker using this kit becomes an unknowing member of the master hacker's army.

When hackers use this kit and deploy a successful phishing campaign, all the stolen credentials and information goes straight back to the master hacker without the proxy hacker's knowledge.

"It's very clever. The master hacker never needs to conduct a campaign to see financial gain," said Amichai Shulman, chief technology officer at Imperva, who uncovered the cloud-based phishing kit.

Because the phishing kit is cloud-based, the infrastructure for this phishing kit never goes away, said Shulman.

In traditional schemes, when a server is taken down the web page and all the back-end data collection capability comes offline, but in a cloud-based approach data is hosted separately.

Taking down the "front-end" server does not impair the campaign because the command and control centre is unaffected, said Shulman.

This means hackers only need to repost the web front-end in a new location to be back in business, he said.

Read more on Hackers and cybercrime prevention

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I have to say that this is the first instance I’ve seen of the cloud being used in such as way. It’s pretty ingenious, really, using one of the key benefits of the cloud like that as a sort of DR plan for phishing, but also a little sobering.