Microsoft Outlook users have had their credentials sought to be compromised by an AI-assisted phishing kit as part of a Spanish-speaking phishing campaign that has been underway since March, Cyber Security News reports.
Attacks, which were monitored through the OUTL string embedded with four mushroom emojis, involved redirecting targets to a fake Spanish-language Outlook login interface, where inputted credentials would be validated by the phishing kit before enabling IP and location data gathering, according to an analysis from Sage Hollow researchers.
All of the phishing kit's variants, the most recent of which is disBLOCK.js with clear functions and indentations suggesting AI-based code generation, were found to have an exfiltration payload with a standardized format, allowing HTTPS POST request-based data transmission to Discord webhooks or Telegram bot APIs.
Such findings were noted to be indicative of the kit's operation under a phishing-as-a-service model.
Attacks, which were monitored through the OUTL string embedded with four mushroom emojis, involved redirecting targets to a fake Spanish-language Outlook login interface, where inputted credentials would be validated by the phishing kit before enabling IP and location data gathering, according to an analysis from Sage Hollow researchers.
All of the phishing kit's variants, the most recent of which is disBLOCK.js with clear functions and indentations suggesting AI-based code generation, were found to have an exfiltration payload with a standardized format, allowing HTTPS POST request-based data transmission to Discord webhooks or Telegram bot APIs.
Such findings were noted to be indicative of the kit's operation under a phishing-as-a-service model.




