The kit’s session management capabilities track victim progress through the phishing flow, with Chinese-language status messages in the JavaScript indicating: “当前正在首页” (Currently on the home page), “当前已填写完成” (Currently completed filling out), and “当前正在填卡页面” (Currently on the card filling page). According to leaked Telegram communications from the developer “Wang Duo Yu,” the kit provides “real-time synchronization, one-click setup, one-click update, automatic diversion,” and multiple verification methods including OTP verification, app verification, PIN verification, and 3DS verification. A sophisticated Chinese eCrime group known as “Smishing Triad” has expanded its operations to target organizations and individuals across at least 121 countries worldwide. The group, active since 2023, has systematically targeted multiple industries including postal services, logistics, telecommunications, transportation, retail, and public sectors through SMS phishing (“smishing”) campaigns. In today’s fast-paced digital world, Chief Information Security Officers (CISOs) are under immense pressure to protect their organizations from increasingly sophisticated cyber threats. Organizations are advised to implement multi-factor authentication and educate users about smishing threats to mitigate these increasingly sophisticated attacks targeting financial credentials. Technical analysis of the JavaScript file (index-D76-mPwS.js) associated with Lighthouse reveals targeting parameters for numerous financial institutions including PayPal, Mastercard, Visa, HSBC, and several Australian banks. The group sends fraudulent SMS messages containing phishing links that redirect victims to convincing replicas of legitimate websites. The group boasts “300+ front desk staff worldwide” supporting their fraud operations, suggesting a highly organized criminal enterprise with significant resources. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. The phishing administration panel allows attackers to customize directory structures, implement country-based IP filtering, and adjust payment amounts demanded from victims. The kit creates convincing replicas of banking interfaces, complete with sophisticated multi-stage verification processes.
This Cyber News was published on cybersecuritynews.com. Publication date: Sun, 13 Apr 2025 06:35:09 +0000