‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing

A new malware toolkit offered on an underground cybercrime forum can keep the browser’s address bar unmodified while serving phishing pages, Varonis reports.

Dubbed Stanley, the malware-as-a-service (MaaS) toolkit is priced from $2,000 to $6,000, and was first spotted on January 12, in a post claiming it can create extensions that bypass Google Store validation.

The top-tier pricing provides threat actors with customization options, a management panel, and guaranteed publication on the Chrome Web Store, Varonis has discovered.

“That guarantee is the commercial center of gravity here: it shifts distribution risk away from the buyer and implies the seller has a repeatable way to clear Google’s review process,” the cybersecurity firm notes.

A web-based management interface provides miscreants with a view of infected hosts, displaying information such as IP addresses (used as identifiers), online status, browser history status, and last activity timestamp.

It also allows operators ...