Cybercriminals attack banking customers in EU with V3B phishing kit
phishing, banking, e-commerce, Dark Web, fraud intelligence, fraud prevention, OTP, 2FA, QR Codes, PhotoTAN, phishing-as-a-service, Telegram, dark web
Resecurity has uncovered a cybercriminal group that is equipping fraudsters with sophisticated phishing kits to target banking customers in the EU. These kits are designed to intercept sensitive information, including credentials and OTP codes. The attackers use various social engineering tactics to trick victims into revealing their sensitive information. The kit is provided through Phishing-as-a-Service (PhaaS) model, and is also available for self-hosting.
One of the key actors, also known under alias "Vssrtje", launched operations in March 2023, promoting the kit called "V3B" on Telegram and Dark Web communities. They have since built a client base focused on targeting European financial institutions. Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. Their Telegram channel has over 1,255 members, a significant indicator of the scale and scope of the malicious activity being promoted by the group.
The majority of members on this Telegram channel are skilled cybercriminals who specialize in various forms of fraud. These include:
