Banking Malware on the Rise: V3B Phishing Kit Targets European Customers

New V3B Phishing Kit Steals Logins and OTPs from EU Banking Users

New phishing kit targets European bank users! Protect yourself from V3B attacks designed to steal your logins and one-time passwords (OTPs). Learn how to spot these scams and keep your finances safe.

Cybercriminals are constantly developing new tactics to steal financial information from unsuspecting victims. A recent report by cybersecurity firm Resecurity highlights a dangerous new threat – the V3B phishing kit – specifically targeting European banking customers.

What is a Phishing Kit?

These are pre-made toolkits readily available on the dark web, allowing even novice cybercriminals to launch sophisticated phishing attacks by providing pre-designed email templates, fake login pages, and even malware.

The V3B Phishing Threat

According to Resecurity, a cybercriminal group is selling a sophisticated phishing kit called “V3B” on Telegram. A group member, using the alias “Vssrtje,” launched operations in March 2023, and the kit is priced between $130-$450 per month.

It has already attracted over 1,255 skilled cybercriminals specializing in fraud, including social engineering, SIM swapping schemes, and banking and credit card fraud. V3B supports targeted attacks on over 54 EU (European Union) financial institutions including the following:

  • Italy
  • Ireland
  • Austria
  • France
  • Finland
  • Greece
  • Belgium
  • Germany
  • Netherlands
  • Luxembourg

Key Features

The kit can intercept sensitive information, including credentials and OTP (one-time password) codes, using social engineering tactics. It has two components: a scenario-based credential interception system (V3B) and online banking authorization pages. 

Built on a customized CMS, the kit features templates in multiple languages, including Finnish, French, and German, mimicking the authentication and verification processes of the EU’s online banking and e-commerce systems. In addition, it has advanced features like updated tokens, anti-bot measures, mobile and desktop interfaces, live chat, and OTP/TAN/2FA support. 

Through real-time interaction with victims, the kit allows fraudsters to orchestrate specific actions, gain unauthorized access, or facilitate fraudulent transactions. It triggers a request for QR Code, a new twist on QR code phishing, using a browser extension to grab codes from a service’s site and pipe them to a phishing site. The kit also uses PhotoTAN and Smart ID support, a popular method of authentication for mobile banking, to manipulate the victim’s actions.

How to Stay Safe?

To protect yourself from V3B phishing attacks, verify the sender’s email address carefully, avoid entering information on unfamiliar websites, and enable multi-factor authentication (MFA) as an extra layer of security. Staying vigilant and following these security best practices can significantly reduce your chances of falling victim to V3B phishing attacks or similar scams.

  1. EvilProxy Phishing Kit Hits 100+ Firms, Bypasses MFA
  2. BlackLotus UEFI bootkit Can Bypass Secure Boot on Windows
  3. Meet MEWKit, a tricky phishing attack draining Ethereum wallets
  4. Telekopye Toolkit Used as Telegram Bot to Scam Marketplace Users
  5. NPM Typosquatting Attack Deploys r77 Rootkit via Legitimate Package
Total
0
Shares
Related Posts