A sophisticated new smishing kit dubbed “Panda Shop” has emerged from China, enabling cybercriminals to steal financial data including Google Pay, Apple Pay, and credit card details. The kit also supports OTP (One-Time Password) collection capabilities similar to the previously documented “EvilProxy” phishing platform, allowing attackers to establish live sessions with victims to bypass multi-factor authentication systems. A “Panda Shop” USPS phishing template displaying the credit card data collection interface. This kit leverages advanced social engineering tactics by impersonating trusted organizations like USPS, DHL, and major banking institutions, creating convincing phishing pages that are nearly indistinguishable from authentic sites on mobile devices. These internet-based communication platforms provide cybercriminals with richer tools for creating convincing attacks, better engagement features, and more sophisticated methods of deception than traditional SMS-based approaches. The “Panda Shop” operation appears to be connected to or possibly a rebranding of the previously identified “Smishing Triad” group. When victims open such pages, they believe they’re visiting legitimate websites that sent mobile notifications requesting additional information to receive a parcel or verify account details. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Analysis of exposed configuration files revealed a Shanghai time zone setting and references to NACOS, a Chinese service management platform by Alibaba, confirming the threat actors’ Chinese origin. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 07 May 2025 12:29:58 +0000