Blog

Sep 16, 2024

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks

Posted by in categories: business, cybercrime/malcode, robotics/AI

It also follows the discovery of a stealthy threat actor that presents itself as a legitimate enterprise and has been advertising automated CAPTCHA-solving services at scale to other cybercriminals and helping them infiltrate IT networks.

Dubbed Greasy Opal by Arkose Labs, the Czech Republic-based “cyber attack enablement business” is believed to have been operational since 2009, offering to customers a toolkit of sorts for credential stuffing, mass fake account creation, browser automation, and social media spam at a price point of $190 and an additional $10 for a monthly subscription.

The product portfolio runs the cybercrime gamut, allowing them to develop a sophisticated business model by packaging several services together. The entity’s revenues for 2023 alone are said to be no less than $1.7 million.

Leave a reply