Detects a Davivienda phishing kit deployed often on replit.com targeting Colombian citizens.
title: Davivienda Phishing Kit 2j5dxddh
description: |
Detects a Davivienda phishing kit deployed often on replit.com targeting Colombian citizens.
references:
- https://urlscan.io/result/5d33c5b2-eb5f-4d88-8638-a1054580ef9e
detection:
title:
html|contains:
- <title>Banca Digital Davivienda</title>
css:
html|contains|all:
- href="./index_files/theme.css.davivienda"
- href="./index_files/primefaces.css.davivienda"
js:
html|contains|all:
- src="./index_files/jquery.js.davivienda"
- src="./index_files/analytics.js.descarga"
favicon:
html|contains:
- link rel="shortcut icon" type="image/x-icon" href="https://miredireciosnq.yj.lu/favicon.ico"
form:
html|contains:
- form method="post" action="tos.php"
img:
html|contains:
- src="./index_files/logo-davivienda-black.png"
- src="./index_files/logo-davivienda.png"
condition: title and css and js and favicon and form and img
tags:
- kit
- target.davivienda
- target_country.colombia