Hackers are increasingly turning to the Greatness phishing kit due to its advanced features, ease of use, and relatively low cost, according to a new report from Trustwave SpiderLabs cybersecurity researchers.
Greatness was developed by an attacker going by the alias “fisherstell” and has been available since mid-2022, primarily targeting Microsoft 365 office software users.
Other hackers can rent this tool and get everything they need to run a successful phishing campaign, from email generation to detection-evasion measures to an active community willing to help.
To purchase a license, hackers must visit the tool's Telegram channel and pay $120 per month in Bitcoin. They then get customizable email elements and can adjust the sender name, email address, subject, message, attachments, and QR code. They can also use features such as header randomization, encoding, and other obfuscation techniques aimed at bypassing email security filters and funneling emails into victims' inboxes.
While all the features probably sound appealing, Trustwave suggests that it's the price that makes the biggest difference. “This means that anyone can launch a phishing campaign by paying a minimum monthly fee of $120 in Bitcoin, lowering the barrier to entry for cybercriminals,” the company said.
This kit is designed to target Microsoft 365 account credentials. It can also bypass multi-factor authentication (MFA) by requesting the code sent to the victim's phone or email address. Finally, the username and password captured by the phishing attack are sent to the attacker, again through Telegram.
To stay safe, Microsoft 365 users should be careful when reading or responding to emails, especially emails that convey urgency (such as pending transactions, returned packages, or payroll inquiries) or that carry attachments that may contain malware.