New LogoKit Phishing Campaign Exploits Cloudflare Turnstile and Amazon S3 for Higher Success Rates

Cyble Research and Intelligence Labs (CRIL) recently discovered a very advanced phishing campaign that used the LogoKit phishing kit, which was initially discovered in 2021, to pose as reliable organizations such as Hungary’s Computer Emergency Response Team (HunCERT).

This ongoing operation targets a diverse range of sectors, including banking and logistics, with a global reach spanning organizations in Hungary, Papua New Guinea, the United States, and Saudi Arabia.

Sophisticated Tactics Target Global Entities

The campaign’s technical prowess lies in its use of legitimate cloud infrastructure and advanced deception techniques to maximize credential harvesting success.

By hosting phishing pages on Amazon Web Services (AWS) S3 buckets, attackers exploit the inherent trust associated with such platforms to remain undetected while enhancing the credibility of their malicious sites.

Additionally, the integration of Cloudflare Turnstile a CAPTCHA alternative creates a false sense of security, convincing victims of the site’s legitimacy and ...