Skip to main content

This dangerous new hacker tool makes phishing worryingly easy

Setting up phishing campaigns for Microsoft 365 has become a relatively straightforward process due to a phishing-as-a-service (PhaaS) platform named Caffeine.

As reported by Bleeping Computer, the service offers a way for cybercriminals to target individuals in order to obtain access to their Microsoft 365 accounts.

Computer user touching on Microsoft word icon to open the program.
Microsoft

Researchers from cybersecurity company Mandiant released a report on Caffeine after uncovering it recently. They discovered the service following an investigation into a phishing campaign derived from Caffeine, which saw threat actors focusing Caffeine’s efforts on one of the firm’s clients.

Recommended Videos

Unlike other platforms, anyone interested can access Caffeine without the requirement of invites or referrals. Another trait that is common among such services is receiving approval from an admin on a Telegram group or hacking forum. However, this screening process is also not needed by Caffeine.

Although the majority of PhaaS platforms target western regions, the phishing templates for Caffeine in particular revolve around both Russian and Chinese platforms.

After a threat actor has created their account, they gain access to the Caffeine Store, a central hub featuring tools for setting up phishing campaigns. Of course, the service isn’t offered for free. A subscription license is priced at $250 per month, while the more premium options cost $450 (three months) and $850 (six months).

The subscription tiers for a phishing platform.
Image source: Mandiant/Bleeping Computer Image used with permission by copyright holder

The aforementioned prices are around three to five times higher than an average PhaaS subscription. That said, it delivers both anti-detection and anti-analysis systems, in addition to customer support.

Once the phishing campaign has been set up, the phishing kit itself — a Microsoft 365 login page — is launched, after which a phishing template has to be selected. A Python or PHP-based email management utility are other convenient tools that are also offered to distribute phishing emails to targets.

Mandiant has detailed how to detect phishing emails from Caffeine, but the fact remains that when additional templates are added to Caffeine, it’ll become an even more attractive platform for setting up phishing campaigns. When factoring in the automated aspect of the service, newcomers to PhaaS can launch their cyber attacks with ease.

Scammers have previously attempted to send out fake Microsoft Office USB sticks to infect a target’s system with ransomware.

Zak Islam
Former Digital Trends Contributor
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
The Packers were targeted by hackers, putting credit cards in danger
Green Bay Packers helmet and logo.

The Green Bay Packers just fell victim to hackers -- or rather, the team's online store did. The bad news? That means your credit card information could be in danger if you've recently shopped at the NFL team's official online retail store. The Packers released a notice of a data breach, notifying its customers about the October hack. Here's what we know.

Hackers managed to access the store and insert a card skimmer script to steal payment and personal information. The data affected includes credit card types, expiration dates, numbers, and verification numbers, which could put customers at risk of credit card fraud. Hackers also got access to names, addresses, and email addresses, says Bleeping Computer.

Read more
This new RTX 5080 leak is starting to make me worry
Leaked packaging for Nvidia's RTX 5080.

The packaging for Nvidia's RTX 5080 was just leaked mere hours ahead of the official announcement of the RTX 50-series during CES 2025. The packaging confirms a couple of previous leaks, which is great -- but it's the early retail listing, spotted by VideoCardz, that's making me worry. The pricing implies that, unsurprisingly, one of Nvidia's best graphics cards might indeed be really expensive.

The initial leak comes from wxnod on X (Twitter). It shows us several boxes of the RTX 5080 stacked on top of each other. These aren't Nvidia's own Founders Edition designs, but custom designs made by one of Nvidia's partners, Gainward. Unfortunately, all the juicy specs are usually tucked away at the back of the box, which we don't get to see in this image. Still, the box does confirm 16GB of GDDR7 memory for the RTX 5080.

Read more
We might get a new Steam Deck next month — and Valve isn’t making it
The Steam Deck OLED on a pink background.

I expected to see some new handheld gaming PCs this year at CES, but it looks like something even more exciting is in store. AMD and Lenovo are hosting an event during the week of the show, and it'll have two special guests in attendance: Valve's Pierre-Loup Griffais and Microsoft's Jason Ronald.

I'll be attending the event on January 7, about which Sean Hollister over at The Verge initially shared out the details. There are a couple of reasons why this event could be significant. First, Valve. Since the launch of the Asus ROG Ally, there have been a handful of these types of events featuring spokespeople from AMD, Microsoft, and the company making a handheld -- Lenovo or Asus. Valve hasn't ever been in attendance, and considering Valve makes the Linux-based Steam Deck, it would be odd for the company to have a presence.

Read more