Summary: Intrinsec’s Cyber Threat Intelligence team has discovered a sophisticated phishing toolkit called “Premium Panel,” utilized for large-scale credential theft operations for over two years. This toolkit, which targets various industries, including banking and telecommunications, allows even low-tier threat actors to easily deploy phishing campaigns. Key features include a centralized control panel for managing phishing pages and tracking victims, revealing a high level of technical sophistication and a wide geographical reach of attacks.
Affected: Global banking, logistics, and telecommunications industries
Keypoints :
- Premium Panel toolkit facilitates credential theft through phishing websites that mimic legitimate login pages.
- Operators can track victims, manage phishing pages, and receive notifications via Telegram integration.
- The toolkit displays technical sophistication with dynamic redirects and the exploitation of shared IPs for multiple campaigns.
- Compromised legitimate websites are frequently used to host phishing pages, enhancing their credibility.
- Indicators of operational security mistakes by attackers have been identified, which could help map their networks.
Source: https://securityonline.info/premium-panel-phishing-toolkit-exposed-two-years-of-global-attacks/