Malicious behavior has become an everyday aspect of our lives with the invention of phishing-as-a-service (PhaaS) platforms, like Caffeine. In this case, despite it’s ‘open registration’ process, anyone can broadcast their own phishing campaign with ease.
A company provides a sentence rewriter application.
Caffeine’s phishing templates target Russian and Eastern platforms, whereas most other PhaaS platforms tend to focus on Western services.
A recent leak of the Alder Lake BIOS source code has been confirmed by Intel.
Believe it or not, Mandiant’s analysts went in-depth and tested Caffeine thoroughly. Today, they report that it’s a worryingly feature-rich PaaS considering its low barrier to entry.
Mandiant discovered Caffeine when investigating a large-scale phishing campaign that targeted one of their clients. It was run through the service, and was likely designed to steal Microsoft 365 account credentials.
Fueling Phishing Campaigns
Caffeine is a phishing campaign creation platform that can be used by anyone to create and send emails from a target email account. After registering an account, the operator gets access to the Store, which contains all of the tools you need.
The main dashboard for Caffeine
The main dashboard in Caffeine.
As your organization grows and you need to expand your services, the operators will need to get a license. A subscription license provides monthly, three-monthly, or six-monthly pricing options. The price increases the more features included with the license.
promoting caffeine prices on a hacker forum
A hacker termed caffeine on a forum (Mandiant)
The monthly fee for Caffeine Themes and Plugins is roughly 3 to 5 times more than the typical PhaaS subscription cost. In efforts to compensate, the company offers anti-detection systems and customer service support.
The platform offers a variety of phishing options, including advanced features. For example:
Dynamic URL schemas can be customized to help dynamically generate pages with victim-specific information pre-populated on them.
These are the first stages of your campaign and the pages that you’ll use to make potential customers take a look at your product. You can even put up testimonials, reviews and Q&As to give visitors a sense of your company’s credibility.
Our IP blocklisting options include geo-blocking, range-based blocking, and more.
In this blog post we’ll cover:
We offer Mandiant, a powerful bot detection service that helps you block unwanted traffic and keep your website safe.
After setting up the main parameters of your phishing campaign, you’ll have to deploy your phishing kit, which includes a Microsoft 365 login page. From there, you’ll choose one of our pre-selected templates and then customize it.
