Illusive Labs Blog

Technical cybersecurity perspectives focusing on deceptions,
threat trends, incident response, advanced attacks and new technologies

For open source tools published by the Illusive Labs team, visit our GitHub page.

Phishing the Phishers: Using Attackers’ Own Tools to Combat APT-style attacks

Posted by Dolev Ben Shushan on Dec 28, 2017 6:49:04 AM

As a deceptions researcher, part of my job is to design deceptions against attackers by manipulating or reverse-engineering the common toolkits attackers use. Deceptions are pieces of false information that are planted across the organization and appear as real, relevant information to the attacker. For example, browser deceptions — pieces of information specifically planted in browser history, saved forms, etc. — can be created to lure malicious hackers and insiders to deceptive web servers. In this article, we will show how phishing can be used to catch attackers and how phishing kits can be used for defensive purposes.

Read More


Stay up to date!