More threat actors have been leveraging the newly emergent SheByte phishing-as-a-service platform to target U.S. and Canadian organizations since the disruption of the major PhaaS platform LabHost in an international law enforcement operation last year, Cybernews reports.
Despite castigation from fellow PhaaS platform Frappo, SheByte began gaining a foothold among cybercriminals in December following the addition of customizable "v2" phishing pages, with the user base further expanding the following month due to phishing pages dedicated to leading Canadian payments processing firm Interac, according to an analysis from Fortra. Aside from featuring Interac phishing templates, SheByte also contains phishing pages for over 20 banks in Canada and the U.S., as well as telecommunications firms, email service providers, cryptocurrency services, and toll road collection organizations. Moreover, SheByte's LiveRAT admin dashboard derived from LabHost enables not only the blocking of known VPNs, proxies, and virtual machine traffic but also real-time compromise of multi-factor authentication codes and other data, said Fortra researchers.
Despite castigation from fellow PhaaS platform Frappo, SheByte began gaining a foothold among cybercriminals in December following the addition of customizable "v2" phishing pages, with the user base further expanding the following month due to phishing pages dedicated to leading Canadian payments processing firm Interac, according to an analysis from Fortra. Aside from featuring Interac phishing templates, SheByte also contains phishing pages for over 20 banks in Canada and the U.S., as well as telecommunications firms, email service providers, cryptocurrency services, and toll road collection organizations. Moreover, SheByte's LiveRAT admin dashboard derived from LabHost enables not only the blocking of known VPNs, proxies, and virtual machine traffic but also real-time compromise of multi-factor authentication codes and other data, said Fortra researchers.
