Sniper Dz, a Phishing-as-a-Service platform [1] [2] [3] [4] [5] [6] [7], has been identified as a significant threat in the cybercriminal landscape.

Description

Sniper Dz, a Phishing-as-a-Service platform [1] [2] [3] [4] [5] [6] [7], has been linked to over 140,000 phishing websites in the past year [3] [6], which cybercriminals use to steal credentials. Through an online admin panel, the platform provides phishing templates for popular websites such as Twitter, Facebook [6], Instagram [6], Netflix [6], and PayPal. Phishing through Sniper Dz results in double theft, because the stolen credentials are also sent to the platform operators [6].

The platform operates a Telegram channel with more than 7,170 subscribers [6] and lets phishers host phishing pages on its infrastructure or download templates for use elsewhere [6]. Phishing pages are often hidden behind proxy servers to avoid detection [6]. A surge in phishing activity targeting US users has been attributed to Sniper Dz since July 2024 [6].

Attackers are also exploiting web pages connected to SMTP infrastructure to bypass spam filters and distribute phishing emails [4] [7]. Some campaigns involve credential stuffing attacks against mail servers to gain access to email accounts and send spam [4]. A recent email phishing campaign has been identified that uses a Microsoft Excel document to distribute a fileless variant of Remcos RAT by exploiting CVE-2017-0199 and injecting the RAT into a legitimate Windows process [4].

Phishing kits can be obtained on Telegram channels [1] [4] [7], and Sniper Dz manages a channel with over 7,000 members [1]. The platform offers scam templates for various online sites in multiple languages and provides tools to convert phishing templates to Blogger format for hosting on Blogspot domains [7]. The stolen credentials are available in an admin panel reached through the clearnet site [4] [7].

Conclusion

The prevalence of Sniper Dz and its sophisticated tactics highlight the need for enhanced cybersecurity measures to protect against phishing attacks. Organizations and individuals should remain vigilant and implement security protocols to mitigate the risks posed by platforms like Sniper Dz. Additionally, law enforcement agencies and cybersecurity professionals must continue to monitor and combat the activities of cybercriminals utilizing such services to safeguard online security.

References

[1] https://rhyno.io/blogs/cybersecurity-news/the-rise-of-phishing-as-a-service/
[2] https://www.cyclonis.com/remove-sniper-dz-phishing-tools/
[3] https://pledgetimes.com/sniper-dz-steals-credentials-from-over-140000-sites/
[4] https://thehackernews.com/2024/10/free-sniper-dz-phishing-tools-fuel.html
[5] https://www.aeroaccess.de/news/cybersecurity/sniper-dz-phishing-tools-befeuern-ueber-140-000-cyberangriffe-auf-zugangsdaten/
[6] https://www.blackhatethicalhacking.com/news/sniper-dz-the-phaas-platform-behind-140000-phishing-sites-exposed/
[7] https://cybermind.in/free-sniper-dz-phishing-tools-fuel-140000-cyber-attacks-targeting-user-credentials/