Detects a different Bancolombia phishing kit deployed often on replit.com targeting Colombian citizens.
title: Bancolombia Phishing Kit 3kyj5nlh
description: |
Detects a different Bancolombia phishing kit deployed often on replit.com targeting Colombian citizens.
references:
- https://urlscan.io/result/e5886efa-db1c-419b-8b34-cb7ea945cfc0
- https://urlscan.io/result/40ceb859-6bb1-47ea-ad37-83f869ed75af
- https://urlscan.io/result/a054c3a2-3598-4f5a-bc72-f2b93c56be48
- https://urlscan.io/result/34e08ef5-de06-4355-81eb-08963daea67b
- https://sucursalpersonas.transaccionesbancolombia.com/mua/USER
detection:
css:
html|contains|all:
- href="./hfh/styles.css"
- href="./hfh/bootstrap.css"
- href="./hfh/jquery-ui.css"
- href="./hfh/ui.css"
form:
html|contains:
- form method="POST" id="main_form" autocomplete="off" action="index2.php"
divs:
html|contains|all:
- div id="contenidoWeb"
- div id="contenido"
- div class="mua_tooltip_msg"
imgs:
requests|contains|all:
- icc.png
- 1es.png
- imgPublicidad.png
condition: css and form and divs and imgs
tags:
- kit
- target.bancolombia
- target_country.colombia