Cybercriminals are leveraging a new phishing kit named ‘V3B’ on Telegram to target customers of 54 major financial institutions across Europe. Priced between $130-$450 per month, the kit boasts advanced features including obfuscation, localization options, and support for OTP/TAN/2FA. Resecurity researchers, who discovered V3B, note its Telegram channel already has over 1,250 members, indicating significant interest in this new phishing-as-a-service platform.
The V3B kit employs heavily obfuscated JavaScript code and a custom CMS to evade detection by anti-phishing and search engine bots. It offers professionally translated pages in multiple languages to enhance the effectiveness of phishing attacks, facilitating multi-country campaigns. Designed for both mobile and desktop platforms, the kit can intercept banking credentials, credit card details, and utilizes an admin panel (uPanel) for real-time interaction with victims via chat to obtain OTPs.
Notably, V3B supports PhotoTAN and Smart ID to bypass advanced authentication technologies used by German and Swiss banks. This adaptation showcases the evolving strategies of cybercriminals in overcoming traditional security measures. Phishing kits like V3B enable cybercriminals, even those with limited technical expertise, to orchestrate highly damaging attacks against unsuspecting bank customers, underscoring the ongoing challenges faced by fraud prevention teams.
