A joint operation between Interpol and cybersecurity firms has led to an arrest and shutdown of the notorious 16shop phishing-as-a-service (PhaaS) platform.
A phishing-as-a-service (PhaaS) platform named Caffeine makes it easy for threat actors to launch attacks, featuring an open registration process allowing anyone to jump in and start their own phishing campaigns.
Cash App phishing kit deployed in the wild, courtesy of 16Shop
By
03:29 AM
The developer of the 16Shop phishing platform has added a new component that targets users of the popular Cash App mobile payment service.
Deployment of the new 16Shop product started as soon as it became available, luring potential victims into providing sensitive details that would give fraudsters access to the account and the associated payment information.
16Shop is a complex phishing kit from a developer known as DevilScream, who set up a protection mechanism against unlicensed use and research activity.
The kit is commercially available and localized in multiple languages. Until recently, it provided code and templates to steal login credentials and payment card details for PayPal, Amazon, Apple, and American Express.