Activity of Haozi phishing service surging, report finds

Hackread reports that Chinese phishing-as-a-service platform Haozi has amassed more than $280,000 in Tether from illegal ads linking cybercriminals purchasing its phishing kit to intermediary services during the past five months.

Extensive customer support services, including custom phishing page requests and tutorials, have helped Haozi gain traction among less sophisticated threat actors, with the PhaaS operation immediately gaining nearly 2,000 followers on Telegram after its initial community on the encrypted messaging app was dismantled, according to a Netcraft analysis. Such a development comes amid the escalating threat presented by PhaaS networks, with Darcula previously reported to have been updated with artificial intelligence capabilities for multi-lingual scam page creation, Morphing Meerkat revealed to have leveraged DNS vulnerabilities in its years-long operations, and Sneaky 2FA discovered to have been using a Telegram bot to compromise Microsoft 365 accounts. Increasingly sophisticated phishing and social engineering tactics employed by PhaaS networks require intensified cybersecurity training programs for employees, said researchers.