If you’re looking to buy or sell phishing kits, looking to learn more about how phishing works, or just looking to enter the fray on a voluntary basis, your best bet is to go exploring on Telegram groups.
This is according to a new report from cybersecurity researchers Kaspersky, which claims the popular encrypted instant messaging platform has become quite the breeding ground for this particular cohort of cybercriminals.
By infosecbulletin
/ Sunday , July 20 2025
Hewlett-Packard Enterprise (HPE) warns that Aruba Instant On Access Points have hardcoded credentials, enabling attackers to skip normal authentication and...
Read More
By infosecbulletin
/ Sunday , July 20 2025
The Akira ransomware group increased its attacks, adding 12 new victims to its dark web portal from July 15 to...
Read More
By infosecbulletin
/ Saturday , July 19 2025
Defence Minister Chan Chun Sing said these select units will work with the Cyber Security Agency (CSA) in a united...
Read More
By infosecbulletin
/ Saturday , July 19 2025
Google is suing 25 unidentified cybercriminals thought to be from China for running BADBOX 2.0, a major global botnet with...
Read More
By infosecbulletin
/ Saturday , July 19 2025
Oracle's July 2025 Critical Patch Update includes 309 new security patches, with 127 addressing remotely exploitable vulnerabilities. SecurityWeek found about...
Read More
By infosecbulletin
/ Saturday , July 19 2025
Cybersecurity researchers have revealed a new malware named MDifyLoader, linked to cyber attacks using security vulnerabilities in Ivanti Connect Secure...
Read More
By infosecbulletin
/ Saturday , July 19 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a crucial vulnerability in Fortinet FortiWeb in its Known Exploited Vulnerabilities...
Read More
By infosecbulletin
/ Saturday , July 19 2025
Security researcher Jeremiah Fowler discovered an online database exposing sensitive information from an adoption agency. Jeremiah Fowler Jeremiah specializes in...
Read More
By infosecbulletin
/ Friday , July 18 2025
A critical vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC, identified as CVE-2025-20337, has a CVSS score of...
Read More
By infosecbulletin
/ Thursday , July 17 2025
On Tuesday, Bangladesh Bank organized a special award ceremony at its headquarters in Dhaka to formally recognize and honor a...
Read More
The researchers say that right at this moment, one can find Telegram groups where hackers are offering free phishing kits paired with pre-packaged tools that allow new entrants to create phishing pages and pose as popular brands. There are also groups where free phishing kit contents are being shared, as well as automated phishing page creation. Also, a cybercrime aficionado could head over to Telegram and find premium pages with customizable interfaces, anti-bot systems, geoblocking, URL encryption, and social engineering elements. However, for these premium services, one can expect to pay between $10 and $300.
Kaspersky also uncovered an interesting detail on Ransomware-as-a-Service encryptors: the kit encrypts the stolen data even for the operators, as a safeguard measure to make sure the ransomware’s creators get their share. In other words, even
ransomware(opens in new tab) operators are being held for ransom, for the data they’ve stolen.
Phishing is currently one of the most popular cybercriminal activities out there, second only to Business Email Compromise (which in itself is a form of phishing) and ransomware.
A recent Cofense report stated that there has been a 569% increase in phishing attacks in 2022, compared to the year before. Reports related to credential phishing were up 478% last year, as well.