Security Intelligence -
Phishing-as-a-Service: Research Exposes BulletProofLink Gang
It’s a growing trend among attackers to offer their products as a service, just as regular companies do. In September, Microsoft researchers found that the BulletProofLink phishing-as-a-service (PhaaS) enterprise was taking this to the next level. It comes with over 100 phishing templates disguised as trusted brands and services. Take a look at how it works and what it says about attackers’ methods today.
Inside the Workings of BulletProofLink
Microsoft found BulletProofLink has been running since at least 2018.
That length of time gave its handlers time to create sites under aliases, like BulletProftLink and Anthrax, for advertising their services. Those sites included video ads hosted on YouTube and Vimeo. They also included an online store where ‘customers’ could register, snag a 10% welcome discount and sign in to their accounts going forward.
Microsoft found that the BulletProofLink monthly service cost users about $800 at the time of research. Other services such as one-time hosting links went for less, at $50.
BulletProofLink gave users a choice of over 100 templates that they could use to pretend to be legitimate companies. After buying one