When you call yourself Mr-Brain, well, you have to prove it, right? And when you consider yourself a scam *artist*, you at least have to show that you can be stealth.
XXX uncovered one on these multi-scam-kits websites yesterday and I was surprised to see a phishing kit for DSL subscribers of free.fr (the French ISP for geeks). I’m a long standing client of free.fr and that was the first time I’ve seen a phishing kit for them… so I began to dig.

On this scam repository (what for? Why the hell do you have to put a phish-kits’ repository on a website, with commercials?), there were all the usual targets (Chase, Barclays, hsbc…) and all kits were really kiddy-style (23 lines-long php file that send stolen credentials to a hotmail address):

Mr Brain considers himself as really smart in the online world. He even knows how to put a fake ID in whois, uh. But brain surgery still needs improvements these days because he doesn’t know the obscure terms “reverse-ip” and “dns logs”. No one’s perfect.

Browsing the websites he operates, we can uncover that this moroccan boy has some mental disease I can’t diagnose right now, but islamic website on the one hand while pornographic and phishing ones on the other hand : this is schyzophrenia, right?