The Rise and Fall of a Phishing-as-a-Service Platform Targeting Financial Institutions

Explore a detailed 29-minute conference talk from SANS that examines the evolution and downfall of ONNX Store, a sophisticated Phishing-as-a-Service (PhaaS) platform that targeted financial institutions. Discover how this platform, evolved from the Caffeine Phishing Kit, employed advanced techniques including QR code-based phishing and 2FA bypass methods while operating through Telegram bots. Learn about the crucial role of cyber threat intelligence in identifying and disrupting the platform's operations, leading to the attribution of its creator MRxC0DER in June 2024. Gain valuable insights into the PhaaS business model, technical analysis of phishing methods, and practical defensive strategies for financial institutions. Master the implementation of proactive threat monitoring techniques and understand how attribution impacts cybercriminal activities. Benefit from actionable recommendations for strengthening technical defenses and identifying emerging threats in the financial sector.