Hackers abuse popular code repositories service such as GitHub to host a variety of phishing domains to make their targets to believe it is through GitHub domains. GitHub reported the abuse to GitHub and all the phishing accounts has been taken down by GitHub. The Phishing kit lures the login credentials of a retail bank using the stolen brand logo and the graphics. The phishing kit is not written from scratch and are instead simply modified by different actors. The HTML script is slightly obfuscated and the lured credentials are sent to another compromised server that owned by attackers.”]