Infostealer Malware Exploits Social Media Business Accounts of High-Position Individuals

DUCKTAIL is a financially motivated information-stealing malware operation that specifically targets individuals and businesses using a social media Business/Ads platform. The malware is attributed to Threat Actors (TAs) operating from Vietnam, who have been actively developing and distributing it since the second half of 2021.…


An information stealer (or infostealer) is a class of malware designed to gather and exfiltrate sensitive information from the infected host. The threat has become widespread over the past few years and is increasingly distributed by many actors across the cybercrime ecosystem. Distribution methods vary, ranging from malspam to fake installers.…


Executive Summary

Unit 42 researchers are monitoring the trending topics, newly registered domains and squatting domains related to ChatGPT, as it is one of the fastest-growing consumer applications in history. The dark side of this popularity is that ChatGPT is also attracting the attention of scammers seeking to benefit from using wording and domain names that appear related to the site.…
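The monitoring Unit 42 describes (screening newly registered domains for ChatGPT-related squats) can be approximated with a small scanner. The following is an added example for this digest, not Unit 42's tooling: it folds common homoglyphs, strips separators, and flags a registrable label that either contains a brand token or sits within one edit (including an adjacent transposition) of it. The brand tokens, the allowlist, the distance threshold and the sample feed are assumptions constructed for the example; the `.example` domains are reserved names, not real registrations.

```python
"""Screen a feed of newly registered domains for ChatGPT/OpenAI lookalikes.

Added example; not Unit 42's code. Brand tokens, allowlist, threshold and
the sample feed are assumptions/constructed for illustration.
"""
from typing import Dict, List

# Assumption: brand tokens a defender chooses to watch.
BRAND_TOKENS = ("chatgpt", "openai")

# Assumption: legitimate domains that must never be flagged.
ALLOWLIST = {"openai.com"}

# Digit/symbol substitutions common in typosquats, folded back to letters
# before matching so "ch4tgpt" compares as "chatgpt".
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s"})

# Largest edit distance still treated as a near match (assumption).
MAX_DISTANCE = 1


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: Levenshtein plus adjacent
    transpositions at cost 1, so 'chatgtp' is distance 1 from 'chatgpt'."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[0] * cols for _ in range(rows)]
    for i in range(rows):
        d[i][0] = i
    for j in range(cols):
        d[0][j] = j
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # deletion
                          d[i][j - 1] + 1,          # insertion
                          d[i - 1][j - 1] + cost)   # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[rows - 1][cols - 1]


def registrable_label(domain: str) -> str:
    """Second-level label, lower-cased: 'chat-gpt-login' for 'www.chat-gpt-login.example'.
    Assumption: multi-label public suffixes (e.g. co.uk) are out of scope here."""
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def normalize(label: str) -> str:
    """Fold homoglyphs and drop separators so leet/hyphenated variants collapse onto the brand."""
    return label.translate(HOMOGLYPHS).replace("-", "").replace("_", "")


def min_window_distance(text: str, token: str) -> int:
    """Smallest distance between token and any window of text of the token's length."""
    n = len(token)
    if len(text) <= n:
        return osa_distance(text, token)
    return min(osa_distance(text[i:i + n], token) for i in range(len(text) - n + 1))


def classify(domain: str) -> List[str]:
    """Return the reasons a domain looks like brand squatting; an empty list means not flagged."""
    if domain.lower().rstrip(".") in ALLOWLIST:
        return []
    normalized = normalize(registrable_label(domain))
    reasons: List[str] = []
    for token in BRAND_TOKENS:
        if token in normalized:
            reasons.append(f"contains '{token}'")
            continue
        distance = min_window_distance(normalized, token)
        if distance <= MAX_DISTANCE:
            reasons.append(f"near match to '{token}' (distance {distance})")
    return reasons


def scan_feed(feed: List[str]) -> Dict[str, List[str]]:
    """Map each domain in the feed to its reasons; flagged domains have a non-empty list."""
    return {domain: classify(domain) for domain in feed}


# Constructed sample feed (not real registrations); .example is a reserved TLD.
SAMPLE_FEED = [
    "openai.com",              # allowlisted legitimate domain
    "chat-gpt-login.example",  # hyphenated brand plus lure word
    "ch4tgpt-app.example",     # homoglyph '4' for 'a'
    "chatgtp.example",         # adjacent transposition
    "openal-support.example",  # 'l' for 'i'
    "cheapgadgets.example",    # benign; shares only a few letters
]

if __name__ == "__main__":
    for domain, reasons in scan_feed(SAMPLE_FEED).items():
        status = "FLAG " if reasons else "ok   "
        print(f"{status}{domain:28s}{'; '.join(reasons)}")
```

Running the module prints one line per domain; the four lookalikes are flagged and `openai.com` and the benign name are not. In practice the windowed edit-distance check is the noisy part: widen `MAX_DISTANCE` only with an allowlist of known-good domains in place, and treat a hit as a candidate for analyst review, not a verdict.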


ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering techniques to compromise its targets, with fake job offers as the lure. In this case, we were able to reconstruct the full chain, from the ZIP file that delivers a fake HSBC job offer as a decoy, up until the final payload: the SimplexTea Linux backdoor distributed through an OpenDrive cloud storage account.…


Found in Environments Protected By: Microsoft, Fortimail

By Kurtis Nicks, Cofense Phishing Defense Center

Phishing attacks continue to evolve, with threat actors becoming increasingly clever in their attempts to deceive their targets. The Cofense Phishing Defense Center (PDC) has recently observed a sophisticated phishing campaign targeting customers of EPOS Net, a large Japanese credit card company.…

Executive Summary

On February 09, 2023, EclecticIQ analysts identified a spear phishing campaign targeting Ukrainian government entities like the Foreign Intelligence Service of Ukraine (SZRU) and Security Service of Ukraine (SSU). Analysts identified a publicly exposed Simple Mail Transfer Protocol (SMTP) server and assess with high confidence that the threat actor used the SMTP server to craft and deliver phishing emails.…


Financial accountant firms and CPAs are in the crosshairs this tax season, as a threat actor is targeting that industry with an attack that combines social engineering with a novel exploit against Windows computers to deliver malware called GuLoader.

At least two organizations in that industry, both Sophos customers, reported the unusual attack to us in late February and early March, as tax preparers are entering the busiest part of the season in the United States.…
