Bendigo Bank Phishing

Phishing
1

Link → https://au.service-victoria.com/ben/secure/

https://au.service-victoria.com/ben/secure/32j23lklkd32lkdf23.txt - Saved Passwords etc.
https://au.service-victoria.com/ben/secure/netf.txt also

https://au.service-victoria.com/ben.zip - Source Code

2

/ben.zip is showing a 404

3

LitePhish (service-victoria.com) - Controls the script

4

Damn lmao

5

Other URLs:
https://au.service-victoria.com/__MACOSX/
https://au.service-victoria.com/walletconnect/
https://au.service-victoria.com/
https://au.service-victoria.com/xch5/
https://au.service-victoria.com/ff9/

6

So many phishing campaigns Index of /LitePhish/websites (service-victoria.com)

7

Wow - that’s not good.

We should report this.

8

https://au.service-victoria.com/LitePhish/victims/

9

This is how the logged info is sent:

Could spam it ig

10

oooh should be fun

11

Here: LitePhish/iplogger.php at 8d8775ea604ab438f760dca0170ad56f4c2a9baf · DarkSecsDevelopers/LitePhish · GitHub

12

Way ahead of you - already reported

13

Ah, that’s good.

Spamming their “sender” thing rn

image

14

I wonder if they allow the DELETE method on their servers

15

For LitePhish, I don’t think so (it’s open source and I don’t see any mention of it in the code). However, you could try it for their Bendigo Bank crap.