[Information Security Daily]On October 14, 2022, the information security industry discovered that the C2 attack framework Alchimist, a new phishing attack kit rental service Caffeine, was used by hackers.

The tendency of cyber attackers to use off-the-shelf C2 frameworks in APT attacks is increasing. Recently, a C2 framework and Insekt malware called Alchimist appeared. It was developed in the GoLang programming language and has a simplified Chinese management interface. It is suspected to be a Chinese hacker. New attack tools used by customers. Before that, the information security industry also exposed Manjusaka, which has been widely used by Chinese hackers recently. The two have similar characteristics, but the hacking organizations they have built are different. As the threat of phishing continues to be severe, the phishing attack suite rental service (PhaaS) developed in the black industry continues to have new platforms. Recently, a PhaaS platform called Caffeine is being used by cybercriminals. Widely used in phishing attacks. In addition, a combination of phishing and voice spoofing has recently emerged internationally, which deserves the attention of the financial industry and users. Many Italian financial industries have been impersonated.