Ethical Hacking News
A new phishing kit, dubbed "Spiderman," has been discovered by researchers at Varonis that is targeting customers of numerous European banks and cryptocurrency services. The platform allows cybercriminals to launch phishing campaigns that can capture login credentials, two-factor authentication (2FA) codes, and credit card data.
Spiderman, a new phishing kit, targets European banks and cryptocurrency services. The platform captures login credentials, 2FA codes, and credit card data. It can create phishing pages for fintech companies like Klarna and PayPal. Cybercriminals can steal seed phrases for Ledger, Metamask, and Exodus wallets. The control panel allows operators to view victim sessions in real time. The phishing kit is popular among cybercriminals, with a group on Signal having 750 members. Protective measures include confirming login credentials are on the official domain and reporting suspicious SMS prompts.
A new phishing kit, dubbed "Spiderman," has been discovered by researchers at Varonis that is targeting customers of numerous European banks and cryptocurrency services. The platform allows cybercriminals to launch phishing campaigns that can capture login credentials, two-factor authentication (2FA) codes, and credit card data.
According to the context provided, Spiderman is a modular phishing kit that can be used to target financial institutions in five countries, including major brands such as Deutsche Bank, ING, Comdirect, Blau, O2, CaixaBank, Volksbank, and Commerzbank. The researchers observed that it can create phishing pages for online portals of fintech companies, such as the Swedish service Klarna and PayPal.
One of the most notable features of Spiderman is its ability to steal seed phrases for Ledger, Metamask, and Exodus cryptocurrency wallets. This allows cybercriminals to gain access to sensitive financial information and potentially use it for malicious purposes.
The researchers also found that Spiderman has a real-time control panel that allows operators to view victim sessions in real time, capture credentials, perform one-click data export, intercept PhotoTAN/one-time pass (OTP) codes in real time, and harvest credit card details. This level of control gives cybercriminals a significant advantage over their victims.
The researchers warn that the data captured by Spiderman can lead to banking account takeover, SIM swapping, credit card fraud, and identity theft. They also note that the phishing kit is popular among cybercriminals, with one of its groups on Signal counting 750 members.
To protect against this type of phishing attack, it is essential for individuals and organizations to be vigilant when logging into online accounts. The best protection is to always confirm you're on the official domain before entering your credentials, and double-checking for browser-in-the-browser windows that could display the correct URL.
In addition, receiving an SMS or PhotoTAN prompt on your device that is not linked to an action you made is a sign of a takeover attempt and should be reported to the bank immediately.
The researchers at Varonis are calling on financial institutions to take immediate action to protect their customers from this type of phishing attack. They recommend implementing robust security measures, such as two-factor authentication, password protection, and regular security audits.
Overall, the discovery of Spiderman is a stark reminder of the ongoing threat of cybercrime in Europe. It highlights the need for individuals and organizations to remain vigilant and take proactive steps to protect themselves from phishing attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/New-Spiderman-Phishing-Kit-Targets-Dozens-of-European-Banks-ehn.shtml
Published: Wed Dec 10 09:06:43 2025 by llama3.2 3B Q4_K_M
