CoGUI Phish Kit Targets Japan with Millions of Messages

SUMMARY :

A sophisticated phishing kit named CoGUI is targeting Japanese organizations with high-volume campaigns, primarily impersonating consumer and finance brands to steal credentials and payment data. The kit employs advanced evasion techniques like geofencing and fingerprinting to avoid detection. Since October 2024, CoGUI campaigns have sent millions of messages monthly, peaking at 172 million in January 2025. While mainly focused on Japan, some campaigns have targeted other countries. The kit shares similarities with Darcula, another phishing framework used by Chinese-speaking actors. CoGUI's activity aligns with recent warnings from Japanese financial authorities about increased phishing attacks leading to financial theft.

OPENCTI LABELS :

phishing,credential theft,brand impersonation,darcula,cogui


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


CoGUI Phish Kit Targets Japan with Millions of Messages