The NakedPages phishing toolkit model has been making headlines since its discovery by CloudSEK researchers. This post explains what NakedPages is, everything you need to know, and shares NakedPages’ features, impact, and how you can protect yourself from the phishing toolkit.

The phishing toolkit, NakedPages, has caused a stir by offering its phishing services with over 50 pre-existing phishing templates and anti-bot functionalities that can steer clear of bots from over 120 countries. The NakedPages phishing toolkit was recently discovered for sale across various cybercrime channels and Telegram by CloudSEK cybersecurity researchers.

Phishing is the most common cybercrime, and NakedPages is a significant threat, especially when the cybercriminal behind it is inviting supporters for $1000 contributions for the project’s development.

The following sections discuss how dangerous this new threat is.

 

What is NakedPages Phishing Toolkit?

NakedPages is a toolkit that CloudSEK’s XVigil discovered. NakedPages is a phishing toolkit advertised on a cybercrime forum as the tool that serious developers and scammers need.

There is no information about the cybercrime syndicate/actor behind NakedPages. However, the advertisement came with a google form that allowed individuals to contact the cybercriminal by filling out a questionnaire. The users who fill out the form get access to a private GitHub repository bearing the same logo as the advertised phishing kit. The GitHub account and the cybercrime forum are new and were created within the last 30 days. You can read more about it in CloudSEK’s post.

 

NakedPages: Everything Discovered Yet

NakedPages is a cause of concern as it contains more than 50 phishing projects under its umbrella and invites more developers and experienced sellers to make it powerful and offer it as a PhaaS (Phishing as a Service) model. The advertisement that CloudSEK analyzed also mentions that it may provide software licenses if those purchasing NakedPages pay $1000 upfront.

 

NakedPages would allow cybercriminals to launch sophisticated phishing and malware campaigns and runs on auto-generated JavaScript code attributed to its development framework, NodeJS. NakedPages is designed to work on Linux and requests R-W-X permissions from users and R-X permissions from groups and others. NakedPages uses the “nkp.app” binary.

 

Phishing ToWhat Does the NakedPagesolkit Offer?

The NakedPages phishing toolkit offers a wide array of malicious services that cybercriminals using the toolkit will be able to use against you. The NakedPages phishing toolkit:

  • is a completely automated tool.
  • contains over 50 phishing templates and projects.
  • is a fully integrated tool with test anti-bot functionality integrated with the database capable of detecting various bots from over 120 countries.
  • has a one-click setup and can also be launched with the bash command “bash setup/sh.”
  • supports local environments with mkcert.
  • offers MongoDB database storage and auto SSL, with domain configuration that can be configured using the bash change-domain.sh script.
  • offers readymade project generation without the need to code.
  • renders PHP files and data between the reverse proxy and PHP and can handle multiple traffic sources simultaneously.
  • offers portability via asset storage.
  • provides a strong session authentication with fingerprints and cookies, all of which are sent to a configured Telegram channel.
  • allows cybercriminals to use it to receive results manually, add cookies, filter users, and decode responses.

 

Key Takeaway: Can NakedPages Impact You?

The quick answer is yes, NakedPages can affect you. Phishing is a serious cybercrime that paves the way for stealing credentials, and financial information, delivering malware and ransomware, rootkits, spyware, and more. Here are a few phishing statistics to help you understand the severity of this threat.

  • One in 99 emails exchanged is a phishing one.
  • At the cost of $4.65 million, phishing is the second most expensive cyberattack, according to IBM’s 2021 Cost of a Data Breach report.
  • During a phishing attack, 60% of organizations lose data, 52% suffer compromised credentials, and 47% and 29% are affected by ransomware and malware.

 

malware attack

Image sourced from pinterest.com

Such a sophisticated phishing toolkit that offers automated functionalities and has the potential to grow even more dangerous with invitations to developers willing to join the NakedPages’ phishing toolkit campaign can surely arm cyber criminals to carry out ransomware attacks.

Furthermore, with more and more data being collected from phishing pages, cybercriminals can easily pose a threat to your financial and personal security by offering said information on the dark web.

 

How to Protect Against the NakedPages Toolkit?

While talking about a phishing campaign, the first measure you need to take is to avoid phishing tactics and fake websites. Phishing Awareness Training for staff members and at the individual level can allow them to notice the key giveaways of fake web pages and keep your organizational systems safe.

In addition, you should monitor your system and accounts for anomalies. If there are unintended logins from various places, malicious detections by anti-virus tools, and more, you might be a victim of a cyberattack. So, you should monitor all indicators to check if your account is safe.

You should also routinely change your passwords, never reuse them for multiple accounts, and implement MFA (Multi-factor Authentication). With MFA, your account can have an additional layer of security with OTP verifiability via mobile numbers, PINs, biometrics, etc., that cybercriminals cannot easily penetrate.

 

Final Words

Cybersecurity news this year has been full of twists. Every time cybersecurity researchers and teams work to keep your accounts safe, a threat actor tries to break that security down.

The latest NakedPages phishing toolkit is the perfect example of how cybercriminals are teaming up and allowing even low-level criminals to engage in sophisticated cyberattacks. NakedPages might grow into a highly sophisticated phishing campaign affecting millions or might be taken down in a while. A question that only time will answer. In the meantime, you should follow the above steps and practice excellent cyber hygiene for better phishing protection.