Obsidian catches phishing kits or Phishing-as-a-Service (PhaaS) websites by analyzing the fuzzy hashes of visited site content. An example given is EvilProxy/Tycoon, a phishing kit that steals credentials and session cookies in real time. Once it bypasses Cloudflare’s protection, a page impersonates the Microsoft login page. Fuzzy hashing helps detect the page after Javascript obfuscation is removed. The same technique can catch users visiting phishing websites by Advanced Persistent Threat (APT) groups.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some