One Year, 140,000+ Phishing Websites: The Impact of Sniper Dz
According to Palo Alto Networks Unit 42 cybersecurity researchers, the Phishing-as-a-Service (PhaaS) platform Sniper Dz has recently achieved a worrisome milestone for many.
Over the year, Sniper Dz has created over 140,000 phishing sites, targeting popular platforms like Twitter, Facebook, Instagram, Netflix, and PayPal users.
How does Sniper Dz launch Phishing Attacks?
Through the online admin panel & ready-made downloadable phishing templates:
It offers an online admin panel where hackers can choose from a catalog of convincing phishing pages. They can host these pages on Sniper Dz’s servers or download the templates to host on their servers.
The worst part is that it’s not easy to detect the infrastructure of Sniper Dz. Why?
Because the content is hidden behind a public proxy server, this server loads the phishing content from their own servers, which helps protect their infrastructure from being detected.
Source (The flowchart shows how a phishing attack works with this proxy server setup. It includes a decoy page, a public server, and a web server that hosts the phishing content. When the victim clicks on the temporary decoy phishing page, it triggers a script that automatically configures the proxy server.)
How did Sniper Dz become Successful in launching such Attacks?
The legitimate reason why Sniper Dz attacks become successful is because hackers use popular brand names. For instance, Blogspot was one of the most popular platforms used by attackers.
Also, a Sniper Dz telegram channel was founded in August 2024, with over 7,156 subscribers. Here, different tutorial videos are posted on how to execute the attacks successfully.
Sniper Dz Is a Free PhaaS Platform
Yes, you heard that right! Usually, PhaaS platforms and phishing kit creators can cost hundreds of dollars, but Sniper Dz offers phishing attack options for free. It’s likely because they collect the stolen credentials of victims from phishers using their platform to cover their costs.
How To Stay Protected From Sniper Dz?
Below are some methods that can be used to stay protected from PhaaS platforms.
- Ensure the system software is updated with all the latest patches.
- Make sure your website is protected with an SSL certificate and 256-bit encryption.
- Use antivirus tools to block malware and viruses.
- Double-check before downloading any file from an unknown email. Check if the email domain is legitimate.
- Enable application whitelisting and two-factor authentication (2FA).