King Servers, “DIe$el” and the Ransomware and Exploit kits business

Have you ever heard of King Servers? Most likely. Have you heard of SecretsLine? Maybe not. Again not a good combo. King Servers is a hosting company, providing dedicated servers, VPS in the USA, NL, and Russia. A person of interest going by the handle "King Servers," and uses the email address ivan@king-servers[.]com is part …

Continue reading King Servers, “DIe$el” and the Ransomware and Exploit kits business

Dubai Islamic Bank phishing kit

Another phishing kit has emerged recently from the same actor "traderpcp" who seems to be very specialized into offering web shells, phishing kits, spam lists (also called leads), hacking tools, and cpanel access. The threat actor "traderpcp" is very active on a criminal marketplace where he sells his wares. We discovered a new phishing kit on a compromised …

Continue reading Dubai Islamic Bank phishing kit

Kiwibank users targeted by email phishing scam

Kiwibank users may be at risk as email phishing scam are leveraged by criminals to harvest Kiwibank users' credentials. The victims will be redirected to a malicious phishing website controlled by the criminals once they click on the link in the phishing emails received. Below is a copy of what the site looks like: Here is …

Continue reading Kiwibank users targeted by email phishing scam

Bank account brute forcing tool by Strannik

A bank account brute forcing tool is a small program that is used by criminals to verify bank accounts credentials validity against the bank website. All it needs is a list of credentials in the following format - username:password. We found one of this program, called CapitalOne Brute created by Strannik. This program is meant …

Continue reading Bank account brute forcing tool by Strannik