Q: How do you want to build a client base for your phishing kits?
A: Give the popular ones away for free. Yes FREE, and as blatantly as possible, with one-click satisfaction, right on the homepage of a web site.
I suspect that this is a shareware-style, lead-generation setup–as the phishing kits appear to be of relatively poor quality. (So poor in fact that I expect the most experienced brands to be sending takedown notices for them before the phishing emails were actually sent.) Some of the kits also appear to have encoded parts indicative of being backdoored, too–I guess they gotta pay the hosting bill somehow!
Kudos to the host in Germany for taking down the site next day; you know who you are.
f34e8ce8e373796a30dc7e0730c4ed9e Bank of Israel (2008).rar
fa1a96c0b1927177b2ca2c8bd6c5e970 HSBC.Co.Uk(CC Info).zip
c5d10b25075e4298bf098dc253a408e6 New paypal.rar
e1ba19f799d604656ebd4dd9c8228913 Westren nion 2008.rar
There is an interesting back story to this incident, too: All roads of further investigation lead back to France. The details of which have been with the national police for some time now (thus the delay in posting).