Phishing Campaigns Made Easy, Courtesy Caffeine

Why Caffeine?

• A threat actor prefers Caffeine because it doesn't require invites/referrals, nor does it require any approvals from a hacking forum or a Telegram admin.
• Caffeine’s phishing templates aim for the Russian and Chinese platforms, unlike most PhaaS platforms that target Western services.

Caffeine features

• To access Caffeine, an account is a must, after which the operator gets immediate entry to the store that contains phishing tools and an overview dashboard.
• Purchasing a subscription license is a must for an operator and its cost ranges from $250/month, $450 for three months, or $850 for six months, depending on the features.
• What makes Caffeine subscription 3–5 times costlier than its contemporaries is that it offers anti-detection and anti-analysis systems and customer support services.

Phishing campaign

• After phishing campaign parameters are set, operators will deploy a phishing kit, before selecting a phishing template.
• Analysts believe that Caffeine will add more phishing templates soon, including Microsoft 365 and other lures tailored for Chinese and Russian platforms.
• Phishing emails can additionally be sent out using the platform's PHP-based email management utility, implying that external tools aren't required.

Conclusion