What is the 16Shop Phishing Kit?
16Shop is one of the most advanced phishing kits available on the dark web. It is believed that the kit is being developed by an Indonesian hacking group known as the Indonesian Cyber Army. The hacking group was first detected by McAfee in November 2018. Since then, the group has been very prolific in the number of campaigns it has conducted. The group usually targets potential victims via links in malicious emails that seem to originate from victims’ known online accounts. Information being targeted includes login credentials, credit card details and other personal information. The kit is sold on underground forums using the Software-as-a-Service (SaaS) model. SaaS is a software licensing and delivery model where software is licensed on a subscription basis and is centrally hosted. SaaS is also known as “on-demand software”. Like legitimate SaaS products, 16Shop offers different tiers of phishing kits. The highest tier kit is the most expensive and contains the most features. Less expensive kits contain fewer features depending on the tier.
16Shop Phishing Kit’s New Features
Antidetection Features
The latest version of the 16Shop kit includes features that make it harder for defenders to detect. For instance, the kit includes three anti-bot and anti-indexing features to help it hide from security vendors’ automated crawlers and web indexers. The anti-bot features check each website visitor to see whether it is a real visitor or a bot. Zack Allen, director of threat operations at ZeroFOX, said: “16Shop Developers have been one of the most skilled in our research. They are consistently updating their code, adding IP addresses, user-agents and tricks to do anti-bot and anti-scraping technology, and they do it at an impressive rate with frequent updates.”
Easy to Use
The 16Shop phishing kit also contains features that make it easier to use, which allows low-level hackers with limited technical understanding to launch sophisticated attacks. Hackers using the phishing kit are provided with a dashboard that is clear and easy to understand. The dashboard updates in real time and provides statistics such as the number of clicks recorded, the number of logon credentials collected, the number of credit card details gathered, and the number of bots detected.