Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Spiderman phishing kit targeting European banks and crypto services

Malware Activity
First reported
Last updated
Happening score
H score 34
1 unique sources, 1 articles

Summary

Hide ▲

The Spiderman phishing kit is being used against customers of European banks and crypto services, driving credential theft and account takeover risk. It clones legitimate sites and captures login credentials, 2FA/PhotoTAN/OTP codes, and credit card data. Its modular targeting controls make it easy for operators to adapt to new brands and authentication flows.

Related Happenings

Coruna iOS exploit kit used for crypto-theft payloads

Malware Activity
First: 04.03.2026 21:06 Last: 04.03.2026 21:06 Sources 1

About this happening: The **Coruna** exploit kit is being used in active attacks, giving operators **23 iOS exploits** and five exploit chains that reach **iOS 13.0 through 17.2.1**. The kit can delive...

Open Happening

Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service

Threat Actor Meta
First: 19.02.2026 14:00 Last: 19.02.2026 14:00 Sources 1

About this happening: The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...

Open Happening

Stanley MaaS markets malicious Chrome-extension phishing service

Threat Actor Meta
First: 27.01.2026 01:46 Last: 27.01.2026 01:46 Sources 1

About this happening: **Stanley** is a **malware-as-a-service (MaaS)** platform for **malicious Chrome extensions** that helps operators deliver **phishing pages** through the browser while keeping the...

Open Happening

BlackForce, GhostFrame, InboxPrime AI, and Spiderman phishing kits scaling credential theft

Malware Activity
First: 12.12.2025 16:04 Last: 12.12.2025 16:04 Sources 1

About this happening: **BlackForce**, **GhostFrame**, **InboxPrime AI**, and **Spiderman** are newly documented phishing kits that expand **credential theft at scale** and make it easier to bypass **MF...

Open Happening

Varonis Interceptor launches as AI-native email and browser security

Security Tool/Service
First: 13.10.2025 17:04 Last: 13.10.2025 17:04 Sources 1

About this happening: **Varonis** launched **Varonis Interceptor**, an **AI-native email security** and browser security product designed to block **phishing**, **business email compromise**, **social...

Open Happening

Timeline

  1. 10.12.2025 16:53 2 articles · 5mo ago

    Spiderman phishing kit targets European banks and crypto services

    Initial Disclosure

    Varonis analyzed the Spiderman phishing-as-a-service kit, which uses pixel-perfect replicas of legitimate sites to target customers of European banks and cryptocurrency services. The kit can capture login credentials, 2FA/PhotoTAN/OTP codes, credit card data, and seed phrases for Ledger, Metamask, and Exodus wallets, while operators can view victim sessions in real time, export data with one click, and narrow targeting by country, ISP, and device type. One Signal group associated with the kit reportedly counted 750 members.

    Show sources
    Open in new tab