Researchers uncover phishing-as-a-service platform Caffeine

Recently unearthed by security researchers, a new, criminal ‘phishing-as-a-service‘ (PhaaS) platform has been identified. This phishing platform, called Caffeine, is unique in its broad accessibility. Anyone with an email can create an account, choosing from three different subscriptions: $250 a month (Basic), $450 for three months (Professional), or $850 for six months (Enterprise).

These paid subscriptions are required to access the vast amount of features the cybercriminal platform boasts. These features include customized phishing kits, campaign success tracking tools, management of redirect pages, tools to configure attacks, and generation of dynamic URLs that host payloads. Researchers also discovered templates earmarked for use against Russian or Chinese targets.

Caffeine particularly stands out in the sea of tools that cybercriminals can potentially use to target victims. These criminals often find these phishing resources in underground forums, encrypted messaging apps, or through platforms similar to Caffeine that require referrals from other users. Caffeine cuts out this underground element entirely. The platform is lowering the barrier to entry for cybercriminals by allowing literally anyone with an email to access these nefarious tools.

Additionally, researchers noted that creating an account required no disclosure of information or external validation methods, which is typical with other phishing platforms, making Caffeine far more unique than other platforms. The developers of this platform continue to make it readily accessible through several updates, including increasing the number of cryptocurrencies accepted, feature updates, and more.

In conclusion, this new platform poses a huge security risk, as the intuitive interface, low cost, and multitude of features truly allow anyone on the Internet to begin their cybercriminal career.

Security researchers made several recommendations to help protect against falling victim to phishing scams. These tips include implementation of two factor authentication, the use of behavioral analytics for web log analysis to include initial URL structure, form submissions and redirections, and the periodic evaluation of public facing web-infrastructure and files against known legitimate versions of the content.

“Traditional phishing techniques continue to be a reliable Initial Intrusion Vector for cyberattacks, and, as demonstrated by the Caffeine PhaaS platform, the tools to conduct full-fledged enterprise-level phishing campaigns are cheap to acquire, simple to use, and readily available to adversaries,” concluded Mandiant researchers.

Since 2003, Network Security Associates has provided impeccable IT services to an array of Las Vegas based businesses – including IT audits, optimization of digital infrastructure, security monitoring, compliance solutions, data backups, and so much more. We offer 24/7 support from our brilliant IT specialists, who’ll be able to assist you either over the phone or on an on-site visit (if it requires). We always put the client first, going above and beyond, every single time, to ensure client satisfaction. 

Quick response times, disaster recovery plan implementation, free evaluations, and certification from the Nevada Gaming Board are just a few of our services that separate us from the rest of the competition. Call us for a free consultation today at 702-547-9800!