Login
Discover
Waves
Decks
Plus
Login
Signup
40
balor
balor
Internet crime research and travel.
Available
Used
Resource Credits
26 Followers
20 Following
Distributed.
May 14, 2019
RSS feed
Posts
Blog
Posts
Comments
Communities
Wallet
Follow
balor
technology
Saturday, May 25, 2019 5:45 PM
Getting Code Execution on an iCloud Phishing Panel
So in my previous post I mentioned that the panel I discovered was really, really badly coded. So I decided to do a little audit of the code and find a way to gain code execution. Firstly, you will have
$ 0.107
5
1
1
balor
technology
Saturday, May 25, 2019 1:31 PM
A Look Inside an Apple iCloud Phishing Panel.
So by sheer dumb luck today, we managed to nab a nice phishing panel and gain access to its backend literally as it got deployed to the internet. We were monitoring the Certificate Transparency logs for
$ 0.347
17
7
3
balor
introduceyourself
Friday, May 24, 2019 11:47 AM
A Somewhat Overdue Introduction...
So I forgot to post an introduction post, due to being a bit busy posting up a bunch of content and working out some of the backend stuff for the Fried Phish Project. So I am balor, a security
$ 0.404
46
12
1
balor
technology
Friday, May 24, 2019 11:05 AM
An Example of a DHL Phishing Attack (Featuring: Comic Sans).
So this is another really, really crude phishing kit that I have seen around the place quite a lot in the past while, targeting users of the DHL service. Effectively it seeks to jack peoples DHL accounts
$ 0.109
7
1
1
balor
technology
Friday, May 24, 2019 8:26 AM
An Example of an Alibaba (and Gmail!) Phishing Attack.
So this is a moderately interesting one, in that you get twice the fuckery for half the price. What appeared to be, on first glance, a phishing page targeting Alibaba users, also harvests your login
$ 0.105
4
1
balor
technology
Monday, May 20, 2019 12:22 PM
An Outlook Phishing Page Hosted on a Kenyan Government Website.
So this is a curious case, while reviewing our logs of phishing sites detected, we spotted a Kenyan government domain amongst the logs, so of course we had to investigate. The phishing page we landed on
$ 0.077
2
1
1
balor
technology
Thursday, May 16, 2019 1:38 PM
An Example of an Ourtime.com (Dating Site) Phishing Attack.
So this one is a little amusing, we came across it after updating our phishing sample collector to also search for dating-site related keywords. The kit is targeting users of "Ourtime.com", a
$ 0.075
3
1
1
balor
technology
Wednesday, May 15, 2019 6:59 PM
An Example of an Outlook Phishing Attack.
So here we have another phishing setup we discovered as part of the "Fried Phish" project, this time targeting Spanish speaking Outlook webmail users. This one is rather crude, but the way we
$ 0.068
3
1
balor
technology
Wednesday, May 15, 2019 10:28 AM
An Example of a Cox Phishing Attack.
So here we have another phishing setup we discovered as part of the "Fried Phish" project, this time targeting customers of Cox Communications, an ISP and TV provider in the United States. This
$ 0.068
5
1
1
balor
technology
Tuesday, May 14, 2019 4:38 PM
An Example of a Maersk Phishing Attack.
So for my first post here, as part of the "Fried Phish" project I'll give you all a look behind the scenes of a phishing campaign we came across today, while scouring the internet for evil. So
$ 0.089
6
1
1
