Beware Of Spiderman-As-A-Service Web Of Attacks

Source: Forbes

A new cybercrime kit dubbed Spiderman since it weaves “an extensive web of attacks,” according to Varonis security researchers, has made it incredibly easy for hackers to strike. Through a single interface, threat actors can launch their attack campaigns, steal passwords and 2FA credentials, and manage all captured data.The Spiderman-as-a-service tool can go toe-to-toe with most any Marvel or DC villain. Hackers using Spiderman can simply select the bank or service to impersonate, click a button and get a bank site clone with login, password, 2FA prompts and credit card input forms all ready-made. Varonis revealed that Spiderman attacks can exfiltrate usernames and passwords, 2FA code cookies, names, phone numbers, dates of birth, credit card details and moore than enough information for account takeover, SIM-swap attacks, credit card fraud, and identity theft. Full Story