EvilProxy: The Phishing Kit Turning Cybercrime into a Customer Service Experience

“Meet EvilProxy, the ‘LockBit of phishing’—a reverse-proxy kit that turns digital novices into phishing pros. With guides on using Cloudflare to disguise malicious traffic, even your grandma could launch a cyber attack! Proofpoint reports a million threats monthly, proving cybercrime has never been so convenient.”

Pro Dashboard

Hot Take:

So, not only do we have to worry about sophisticated hackers, but now we also have to keep an eye out for “phishing-as-a-service”? Looks like even cybercriminals have embraced the gig economy. What’s next, ransomware subscriptions with loyalty points?

Key Points:

  • EvilProxy is a reverse-proxy phishing kit, making it a popular “phishing-as-a-service” (PhaaS) tool.
  • Cybercriminals are leveraging legitimate Cloudflare services to disguise their malicious activities.
  • The tool has been in operation since at least mid-2022 and has seen increasing use.
  • Proofpoint reports a significant rise in EvilProxy campaigns targeting C-Suite executives.
  • Groups like TA4903 and TA577 have adopted EvilProxy for credential phishing and business email compromise (BEC).

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?