"Robin Banks" Phishing Service Reemerges on Russian Platform

by
janrinok
from SoylentNews on (#65P5R)

upstart writes:

Robin Banks phishing service reemerges on Russian platform:

Robin Banks, the phishing-as-a-service (PHaaS) platform that was kicked off Cloudflare for malicious activity, is back in action with a Russian service provider and new tools to make it easier to bypass security measures.

IronNet's Threat Research unit first wrote about Robin Banks in July, detailing a threat group that was selling phishing kits to cybercriminals who then would use those tools to steal credentials and financial data of people in the US, the UK, Canada, and Australia.

Additionally, the attackers worked to steal Google and Microsoft credentials, indicating Robin Banks was also interested in establishing initial access that could then be used by other cybercriminals for advanced attacks like ransomware.

The crew has been operating since at least March 2022, researchers said. A major campaign in July targeted information relating to Citibank and Microsoft.

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments