A new phishing kit named Spiderman is targeting European banks and fintech services by creating realistic fake sites to steal login info and authentication codes. Its modular design allows for continuous updates, making it a significant threat to financial institutions and cryptocurrency wallets. #Varonis #SpidermanPhishing
Keypoints
- Spiderman is a modular phishing kit targeting major European banks and fintech platforms.
- It captures login credentials, 2FA codes, credit card data, and cryptocurrency seed phrases.
- The kit features real-time victim session monitoring and data harvesting via a control panel.
- It can be customized to target specific countries, devices, and authentication methods like PhotoTAN.
- Researchers warn that data stolen with Spiderman can lead to account takeover, fraud, and identity theft.