01-06-2025, 10:19 PM
New PhishWP Plugin on Russian Forum Turns Sites into Phishing Pages
A recent report by SlashNext reveals that Russian cybercriminals have developed a malicious WordPress plugin named PhishWP. This plugin enables attackers to transform legitimate websites into phishing traps by creating convincing fake payment pages that mimic services like Stripe. These counterfeit pages deceive users into entering sensitive information, including credit card details, CVV codes, and 3D Secure one-time passwords (OTPs).
PhishWP boasts several advanced features that enhance its effectiveness:
• Customizable Checkout Pages: Allows attackers to design fake payment interfaces that closely resemble legitimate ones.
• 3DS Code Harvesting: Tricks users into providing OTPs through deceptive pop-ups, effectively bypassing additional authentication layers.
• Telegram Integration: Immediately transmits stolen data to attackers via Telegram, facilitating real-time exploitation or sale on the dark web.
• Browser Profiling: Collects details such as IP addresses, screen resolutions, and user agents to tailor attacks to specific user environments.
The plugin’s multi-language support and obfuscation features enable cybercriminals to conduct targeted phishing campaigns on a global scale, leading to significant financial losses and personal data breaches.
To mitigate these risks, cybersecurity experts recommend implementing robust security measures, such as browser-based phishing protection tools, and maintaining vigilance during online transactions. Proactive security practices are essential to reduce vulnerability to these sophisticated attacks.
Source : https://hackread.com/phishwp-plugin-russ...ing-sites/
A recent report by SlashNext reveals that Russian cybercriminals have developed a malicious WordPress plugin named PhishWP. This plugin enables attackers to transform legitimate websites into phishing traps by creating convincing fake payment pages that mimic services like Stripe. These counterfeit pages deceive users into entering sensitive information, including credit card details, CVV codes, and 3D Secure one-time passwords (OTPs).
PhishWP boasts several advanced features that enhance its effectiveness:
• Customizable Checkout Pages: Allows attackers to design fake payment interfaces that closely resemble legitimate ones.
• 3DS Code Harvesting: Tricks users into providing OTPs through deceptive pop-ups, effectively bypassing additional authentication layers.
• Telegram Integration: Immediately transmits stolen data to attackers via Telegram, facilitating real-time exploitation or sale on the dark web.
• Browser Profiling: Collects details such as IP addresses, screen resolutions, and user agents to tailor attacks to specific user environments.
The plugin’s multi-language support and obfuscation features enable cybercriminals to conduct targeted phishing campaigns on a global scale, leading to significant financial losses and personal data breaches.
To mitigate these risks, cybersecurity experts recommend implementing robust security measures, such as browser-based phishing protection tools, and maintaining vigilance during online transactions. Proactive security practices are essential to reduce vulnerability to these sophisticated attacks.
Source : https://hackread.com/phishwp-plugin-russ...ing-sites/