cognitive cybersecurity intelligence

News and Analysis


Detecting AiTM Phishing Sites with Fuzzy Hashing

Obsidian catches phishing kits or Phishing-as-a-Service (PhaaS) websites by analyzing the fuzzy hashes of visited site content. An example given is EvilProxy/Tycoon, a phishing kit that steals credentials and session cookies in real time. Once it bypasses Cloudflare’s protection, a page impersonates the Microsoft login page. Fuzzy hashing helps detect the page after Javascript obfuscation is removed. The same technique can catch users visiting phishing websites by Advanced Persistent Threat (APT) groups.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts