Check Point experts in together with CyberInt specialists have discovered new-generation phishing-tools for fake website building that are actively advertised in darknet.

According to experts, these tools represent a more advanced generation of threats to create more compelling fake sites.

The author of phishing tools is hiding under the pseudonym [A] pache and encourages users with low technical backgrounds to create their own phishing campaign to gather critical information about users. To start the campaign, just load the multifunction set of phishing tools and follow the installation instructions.

The cost of the phishing kit [A] pache varies from 100 to 300 dollars, which is much higher than the average cost of similar hacking tools on the black market. Their price on average is 20-50 dollars. [A] pache provides the buyer with a full set of tools to attack. One of them is an internal interface through which an attacker can create a fake web page of many well-known retail brands and manage the campaign.

Researchers write that at the moment “in the portfolio” [A] pache there are such famous brands as Walmart, Americanas, Ponto Frio, Casas Bahia, Submarino, Shoptime and Extra. Since the target audience of most of the listed retailers are Brazilians, we can assume that the goal of [A] pache is a person who speaks Portuguese well. However, in the course of the research, some phishing kits were found that are aimed at US brands.

To prevent the phishing victim from doubting that it is buying from an authorized vendor, the attacker creates a similar domain address. Then the cybercriminal gets access to the web hosting with support for PHP and MySQL, then authorizes in the admin panel and can set up their own phishing campaign.