Phishing, Threat Intelligence

Phishing attacks eased by novel FishXProxy kit

Share
Malware phishing data concept

Multi-layered phishing intrusions could be more easily deployed by less experienced threat actors with the new sophisticated FishXProxy phishing kit, which has been promoted across the hacking forums, reports SiliconAngle.

Aside from having a straightforward interface and a highly configurable antibot system allowing automated scanner and researcher filtering, FishXProxy also bolsters the legitimacy of phishing sites by exploiting Cloudflare Workers and SSL certificates, according to an analysis from SlashNext. Phishing links are also obscured by FishXProxy through a built-in redirector, said researchers, who also discovered the phishing kit's automated link expiration functionality. Such a development should prompt the implementation of more robust phishing security training and systems among organizations, noted HoxHunt Oy co-founder and CEO Mika Aalto. "As more phishing attacks consequently bypass filters, we need to make sure our people are equipped with the skills and tools to keep themselves and their colleagues safe. Even advanced attacks will trigger a mental alarm in the upskilled human defense layer," said Aalto.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.