Fellow #phishingkit hunters I've moving #PhishingKitTracker over to it's own dedicated Twitter Account @PhishKitTracker CC @PhishKitTracker on twitter if you find a #threatactoremail in #phishingkit Thanks, @neonprimetime https://t.co/Syx0solOXa

@PhishKitTracker @ActorExpose @Jouliok @andpalmier @ANeilan @nullcookies @ozuma5119 @phishunt_io @sysgoblin @dubstard This isn't goodbye but more of a shift in targeting. If you ever need anything feel free to DM me. I still regularly use your data so thanks for the hard work on the tracker over the last few years!

I will keep fighting the good fight with my @neonprimetime handle and am glad to be a small part in the greater #infosec community! 7/7

And for those still active and interested in #phishing #phishingkit #threatactoremail I recommend following some of the best phishing kit hunters in the business @ActorExpose @JCyberSec_ @actorexpose @SteveD3 6/N

Shout out to the great @JayTHL who energized me and helped me back when I was exploring these ideas in 2017. 5/N

Thanks to ALL that contributed content over the years to #phishkittracker, some of which are listed below @ActorExpose @JCyberSec_ @Jouliok @actorexpose @andpalmier @aneilan @jouliok @nullcookies @ozuma5119 @phishunt_io @sysgoblin @dubstard and many more i've missed 4/N

I am still actively working in Cybersecurity and plan on staying online with my primary account @neonprimetime but at this time I am looking to shift focus on new research & adventures in the #infosec world beyond @PhishKitTracker. 3/N

I will keep all the #threatactoremail data out on Github, available to anyone to use ( https://t.co/oNg7QBsiX4 ), the blog out there with screenshots and such ( https://t.co/xSHLA8nrnz ) and the twitter handle online for historic reference ( https://t.co/MUmqwnBLhY ) 2/N

Hello fellow #phishingkit #phishing hunters. I have not been able to give the Phishing Kit Tracker (@PhishKitTracker) project the necessary time it requires & therefore have decided at this time to pause the project. Thank you for all your support throughout the years. 1/N

KIT Intel is a tool for phishing kit research...at scale. 📁 Upload, Analyze, Cluster, and Research phishing kits like never before.

So you want to learn about phishing kits 🧑‍🎓 🧵 In this thread I will highlight threat hunting skills and IoCs within phishing kits to look for ⤵️ Retweets are appreciated ♻️ 🔍Follow me for more #phishing intelligence @Jcybersec_

@illegalFawn @malwrhunterteam @JAMESWT_MHT @Bank_Security @olihough86 @dubstard @YourAnonRiots @andsyn1 @douglasmun @SwiftOnSecurity This is a utoxic Office phishing kit. There should be 2 files on the root - License.txt maillist.txt The kit is complex with heavy obfuscation in place as well

@SteveD3 @Ledtech3 @MalwareJake @nullcookies @dyngnosis @olihough86 @dave_daves @n0p1shing @ANeilan @selenalarson Always pivot - The second email address 'ricadojerry' has been linked to a large number of phishing kits targeting Office, Yahoo, DHL, and Gmail. Can be seen here in the archived @PhishKitTracker run by @neonprimetime Linked tweet - https://t.co/uqOBgMoxy8

What you think, why Gmail still does nothing about the 1000s of phished credentials going to skids' Gmail inboxes daily? A: They dgaf. B: 3 char agencies of US prefer searching in those inboxes when they want access to somewhere than compromising themselves. C: A+B.

Props to all who share #threatactoremail including ... @actorexpose @andpalmier @aneilan @cs0sf @marco_ramilli @neonprimetime @phishkittracker @phishunt_io @securereload @sysgoblin @jouliok to join the fun cc @PhishKitTracker & include exfil email & url in tweet 2/2

174 unique #threatactoremail added to @PhishKitTracker github since May 2020 100 @gmail (63%) 35 @yandexcom 21 @yahoo 7 @protonmail somebody with power at those email providers should #takethemdown ! https://t.co/U0annJhV24 1/n

here is REAL #phishing many companies received last year https://t.co/2CO6LH9BJS

another abused service to watch for is @piktochart for credential #phishing like Canva and Zizera https://t.co/YqKc0f6Gnn sample from a few days ago hxxps://create.piktochart[.]com/output/51172832-river-city-tax-consulting-llc https://t.co/AifwCtjz2Q

did you know survey gizmo is now named @AlchemerHQ ? It’s still abused for cred #phishing though ! Email Subject: Check #<no> payment survey.alchemer[.]com/s3/6076800/The-Drainman-Inc-Invoice https://t.co/ikxiuZBb1U