PepsiDog: inside the rise of a professional Chinese phishing actor

No ratings

Presented at VB2025 Berlin by

Building on last year's investigation into a massive Chinese package redelivery smishing syndicate, this presentation delves deeper into one of the key actors briefly touched on in the previous research. PepsiDog is a threat actor that exemplifies a new level of professionalism, operating as a "developer-first" entity in the phishing ecosystem. By selling advanced phishing kits and offering phishing-as-a-service (PhaaS), they provide tools that enable global targeting of individuals and institutions, often through package redelivery scams. This research highlights how this actor differs from others in scale, sophistication, and operational structure, demonstrating the ongoing evolution of threat actor capabilities. A day in the life of a threat researcher investigating this group will offer attendees a behind-the-scenes look at the challenges of unravelling their operations. Additionally, we'll explore their technical innovation, the expanded adoption of new cash-out mechanisms, and how their kits are being sold and deployed globally.