Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🚀 Create IOK: steam-tu2yq4ic #255

Merged
merged 2 commits into from
May 20, 2024
Merged

Conversation

nyuuzyou
Copy link
Contributor

🟢Additions:

@IlluminatiFish
Copy link
Collaborator

Hi @nyuuzyou, thanks for your first contribution to the project!

I have reviewed the references and it appears that this is a classic BiTB phishing attack. Curiously when trying to interact with the iframe loaded by the phishing page it redirects to an obscure website (with a random hash as the path) referring to pizza (possibly a fencing mechanism?).

As a result I have decided to include several unique strings from /assets/js/main.js to aid in the detection of this kit.

@IlluminatiFish IlluminatiFish merged commit a6b13c2 into phish-report:main May 20, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants