Microsoft unravels the mystery of PhaaS attack

    An investigation led Microsoft to a phishing-as-a-service (PhaaS) operation known as BulletProofLink. Before we get into the details of the operation, let us look at what phishing is.

    Phishing is a kind of cybercrime in which criminals pose as a representative of a trustworthy source and tempt the victim into divulging passwords, usernames, and other credentials. Phishing has been around for quite some time, but the modus operandi has evolved over the years in an effort to make it foolproof.

    Let us find out how this phishing operation was unraveled during Microsoft's investigation of phishing attacks.

    Phishing-as-a-service operation – Microsoft’s chase

    The tech giant said that it spotted BulletProofLink, which is also known as BulletProftLink and Anthrax, while investigating recent phishing attacks. The operator behind it sells phishing kits, email templates, hosting, and automated services under either a single-payment or a monthly subscription model.

    The Microsoft 365 Defender Threat Team said that it came across this campaign when it found a huge volume of new and unique subdomains, with over 300,000 in a “single run”.
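
    A defensive check for the pattern described above, a burst of unique, previously unseen subdomains under one parent domain. This is an added example, not code from Microsoft or from the original article; the function names, the threshold, and the `.test` sample URLs are constructed for illustration, and treating the last two labels as the parent domain is a simplifying assumption.

```python
"""Flag parent domains that show a burst of unique, unseen subdomains in URL logs."""
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: URLs as they might be extracted from inbound mail in one run.
SAMPLE_URLS = (
    [f"https://u{n:04d}.login-portal.test/auth" for n in range(8)]
    + ["https://www.vendor.test/invoice", "https://mail.vendor.test/",
       "https://login-portal.test/", "https://192.0.2.10/x", "not a url"]
)


def parent_domain(host):
    # Assumption: the registrable domain is the last two labels. Production code
    # should use the Public Suffix List (for example, co.uk needs three labels).
    return ".".join(host.rstrip(".").split(".")[-2:])


def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def subdomain_bursts(urls, min_unique=5, known=frozenset()):
    """Return {parent: unique unseen subdomain count} for parents >= min_unique.

    `known` is a baseline of hostnames already observed before this run, so
    only new subdomains count toward the threshold.
    """
    unseen = defaultdict(set)
    for url in urls:
        host = urlsplit(url).hostname  # None for strings that are not URLs
        if not host or is_ip(host):
            continue
        parent = parent_domain(host)
        if host != parent and host not in known:
            unseen[parent].add(host)
    return {p: len(h) for p, h in unseen.items() if len(h) >= min_unique}


if __name__ == "__main__":
    for parent, count in subdomain_bursts(SAMPLE_URLS).items():
        print(f"{parent}: {count} new unique subdomains in this run")
```

    In practice the threshold and the baseline window need tuning against legitimate services that also generate per-user or per-tenant subdomains.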

    How does BulletProofLink operate?

    With more than 100 phishing templates available, the operation mimics some well-known brands and services, and its activities have adversely affected the operations of a considerable number of enterprises.

    OSINT Fans brought the activities of BulletProofLink to everyone’s notice in October 2020 by publishing a 3-part series that revealed the inner workings of this particular PhaaS operation.

    The series also revealed that the BulletProofLink ICQ group chat already had as many as 1,618 members in 2020, and that these members all dealt in stolen passwords and BulletProftLink phishing services.

    Double theft used for enhancing profits

    Aside from the phishing operation itself, the threat actor also engaged in so-called double theft so that it could earn more in illegal profits.

    This is the same tactic that ransomware gangs adopt. Double theft here refers to a strategy in which credentials stolen in phishing attacks are also sent to another server (the secondary server) controlled by the operators running the PhaaS operation. This happens when the phishing kits they provide are used in their default configuration.

    In this way, the credentials collected by BulletProofLink clients are also sent to the PhaaS operators if the cybercriminals using their services fail to customize the phishing kits to their own servers.

    In both ransomware and phishing attacks, the operators that provide the resources for facilitating the attacks also ensure that the stolen credentials and data are monetized in as many ways as possible, said Microsoft.

    Understanding how phishing scams work

    Just as any legally operating business outsources some of its operations and services to a third party, cybercriminals outsource their work too. Cybercrime has become a bigger sector these days with expanding malware, phishing campaigns, and ransomware.

    In any PhaaS business, the attackers hire the services of an operator so that the operator can develop and run a campaign partially or wholly. The package will include items like redistribution and credential parsing, phony sign-in pages, and website-related hoax services.

    BulletProofLink has been active since 2018 and has its own About Us page. It uses the names BulletProofLink, BulletProftLink, and Anthrax interchangeably.

