Friend
Professional
- Messages
- 2,653
- Reaction score
- 850
- Points
- 113
The platform hides its activities behind public servers.
The Sniper Dz phishing platform is responsible for the creation of more than 140,000 phishing sites this year. Palo Alto Networks reports that this platform has gained popularity among cybercriminals by offering free phishing templates to its users. However, by using this service, phishers themselves find themselves in a vulnerable position: Sniper Dz administrators receive copies of all stolen data.
Sniper Dz works as a phishing-as-a-service (PhaaS) platform, providing a user-friendly interface for creating phishing pages. To access the admin panel, you need to register, after which users can choose page templates that imitate the sites of popular brands. The service provides two use cases: phishers can either host pages on Sniper Dz servers or download templates for hosting on their own resources.
Surprisingly, Sniper Dz offers its services for free. This may be attributed to the fact that the platform exfiltrates stolen data through built-in tracking mechanisms, allowing the platform's administrators to collect the credentials of victims, including those who use their own servers to host phishing pages.
To disguise its operations, Sniper Dz hides phishing pages behind public proxy servers. This makes it harder to detect fraudulent sites as they appear to be legitimate resources. Attackers also actively use legitimate SaaS platforms to host phishing pages, which helps bypass security systems due to the good reputation of such domains.
Most of the phishing pages associated with Sniper Dz target users of social media and popular online services in the United States. At the same time, as the study notes, the platform's infrastructure is regularly updated, and the number of phishing sites increased sharply in mid-2024.
It is important to note that the platform not only collects stolen data, but also redirects victims to other malicious resources where they may be offered unwanted programs or malicious browser extensions.
Phishing activity associated with the Sniper Dz platform continues to grow, making it a serious threat to Internet users.
Source
The Sniper Dz phishing platform is responsible for the creation of more than 140,000 phishing sites this year. Palo Alto Networks reports that this platform has gained popularity among cybercriminals by offering free phishing templates to its users. However, by using this service, phishers themselves find themselves in a vulnerable position: Sniper Dz administrators receive copies of all stolen data.
Sniper Dz works as a phishing-as-a-service (PhaaS) platform, providing a user-friendly interface for creating phishing pages. To access the admin panel, you need to register, after which users can choose page templates that imitate the sites of popular brands. The service provides two use cases: phishers can either host pages on Sniper Dz servers or download templates for hosting on their own resources.
Surprisingly, Sniper Dz offers its services for free. This may be attributed to the fact that the platform exfiltrates stolen data through built-in tracking mechanisms, allowing the platform's administrators to collect the credentials of victims, including those who use their own servers to host phishing pages.
To disguise its operations, Sniper Dz hides phishing pages behind public proxy servers. This makes it harder to detect fraudulent sites as they appear to be legitimate resources. Attackers also actively use legitimate SaaS platforms to host phishing pages, which helps bypass security systems due to the good reputation of such domains.
Most of the phishing pages associated with Sniper Dz target users of social media and popular online services in the United States. At the same time, as the study notes, the platform's infrastructure is regularly updated, and the number of phishing sites increased sharply in mid-2024.
It is important to note that the platform not only collects stolen data, but also redirects victims to other malicious resources where they may be offered unwanted programs or malicious browser extensions.
Phishing activity associated with the Sniper Dz platform continues to grow, making it a serious threat to Internet users.
Source
