My previous blog post highlighted both what a phishing kit is and what functionalities it usually provides to a fraudster who uses it throughout the duration of the social engineering attack known as phishing.

My previous post was intended to demonstrate that malicious software could also be affected by security vulnerabilities. The example considered a remote code execution in a PHP page used in a phishing attack. However, the debate is still open concerning the possibility that the security issue had been intentionally introduced as a back door.