Yep the same attacker has been leading 5 different phishing campaigns and they all ended with that fake hivesigner. Unfortunately some people didn’t realize it was bogus so I kept submitting with a script thousands of potentially valid credentials to make the attacker’s life more difficult 😉