This new phishing toolkit called FishXProxy is available on the Dark Web, it has significantly lowered the entry level for cybercriminals to engage in complex cyber operations. Existing as ‘The Ultimate Powerful Phishing Toolkit,’ the utility includes sophisticated components such as Cloudflare CDN and antibot systems, which were developed to avoid detection by anti-phishing applications.
Some of the most noticeable tools associated the given kit are the ability to generate dynamic links and explicit page expiration settings to avoid automated email scanners. Furthermore, it uses HTML smuggling to bypass the typical victims’ security measures to deliver payloads and enhance the chances of stealing their login credentials and exploiting them.
As pointed out by Callie Guenther, a senior manager of cyber threat research at Critical Start, FishXProxy’s importance lies in the service’s capacity to provide customized sophisticated phishing strategies to any potential attacker irrespective of his/her expertise in hacking. This freedom is also expected to tremendously increase both the quantity and the quality of phishing scams, which in return calls for enhanced and diverse security mechanisms.
Jason Soroko of Sectigo, a senior vice president product at Sectiko also agrees saying that the integration with Cloudflare CDN gives phishing operators the infrastructure of a Fortune 500 company, hence, hard to track and even harder to take down.
Thus, the CEO of Hoxhunt, Mika Aalto, proposes to strengthen the protection against these types of threats by leveraging human threat intelligence. Informing employees about phishing attacks and making sure they report suspicious instances can be complemented by the use of specific buttons and Easter eggs to enhance an organization’s defenses.
With the hackers always adapting to the new technologies, it is important for the security personnel to match up to these assailants by employing stronger measures and to also ensure that their threat intelligence is up to date so as to contain tools such as FishXProxy.