216.73.217.86

Cybercriminals attack banking customers in EU with V3B phishing kit

· Published 10/06/2024 11:20 · Modified 10/06/2024 11:31

Export JSON

Essential information

Published
10/06/2024 11:20
Modified
10/06/2024 11:31
Tags
2024-06-10 banking cybercrime fraud phishing social engineering
Related entities
44 observables, 1 intrusion sets (apt), 12 others

Description

An analysis reveals that a cybercriminal group is distributing sophisticated kits to target customers in the European Union. These kits, designed to steal sensitive information like credentials and OTP codes, utilize tactics to deceive victims into revealing personal data. The kit, called 'V3B,' is available through a -as-a-Service model and can be self-hosted. It supports over 54 financial institutions, featuring customized templates that mimic online and e-commerce systems across multiple European countries. The threat actors employ advanced techniques like encrypted code, anti-bot measures, live chat interactions, and support for features like QR Codes, PhotoTAN, and Smart ID for authentication bypass. The kit has gained a significant user base, estimated at hundreds of cybercriminals, resulting in substantial financial losses for customers across the EU.

External references