Detects a phishing kit targeting Bancolombia. This was found as a result of this kit being deployed on Replit.
title: Bancolombia Phishing Kit jr5mnv
description: |
Detects a phishing kit targeting Bancolombia.
This was found as a result of this kit being deployed on Replit.
references:
- https://urlscan.io/result/b4501b15-b767-4c10-a11e-898ae8cf01a7/
- https://urlscan.io/result/185193df-05e6-40ff-aa2e-694098a4f03a/
- https://urlscan.io/result/2759a513-0dee-49e5-8dfb-820b1acea250/
- https://urlscan.io/result/1d52da2c-126c-4a99-bfde-c8a11c2a1a12/
- https://urlscan.io/result/e577760c-3901-4fd3-93c4-58a9e2613250/
- https://urlscan.io/result/500c35f2-ca7e-4673-8cf0-19a5f686547f/
detection:
icons:
css|contains|all:
- https://i.imgur.com/8Ezt3Uy.png
- https://i.imgur.com/KROsJQP.png
images:
html|contains|all:
- img src="toplogpro1.png"
- img src="info.png"
form:
html|contains:
- form class="login100-form validate-form" method="post" action="rol.php"
condition: icons and images and form
tags:
- kit
- target.bancolombia
- target_country.colombia