Lucid: The Rising Threat of Phishing-as-a-Service
Summary: The report by Prodaft reveals the emergence of Phishing-as-a-Service (PhAAS) platforms, particularly focusing on the Lucid platform operated by Chinese-speaking threat actors. This platform facilitates large-scale phishing attacks targeting individuals and organizations worldwide through sophisticated mechanisms that exploit messaging technologies. The rise of such platforms underscores a growing threat landscape, intensifying the risks associated with financial cybercrime and the need for enhanced security measures.…
Stealthy Snake Keylogger Malware Targets Credentials in Sophisticated Attacks
Summary: Seqrite Labs reports on a malicious campaign using SnakeKeylogger, an advanced info-stealing malware, which employs a multi-stage infection chain and stealthy execution methods to extract sensitive data from victims. The infection begins with malicious spam emails that contain disguised executable files, leading to the deployment of sophisticated payloads that evade detection.…
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
Summary: A new phishing-as-a-service (PhaaS) platform named Morphing Meerkat has been uncovered, exploiting DNS mail exchange records to create fake login pages for approximately 114 brands. The actor behind it is known for using compromised domains and adtech infrastructure, delivering targeted campaigns that dynamically translate content into various languages.…
HaveIBeenPwned Creator Becomes Victim of Sophisticated Phishing
Summary: Renowned cybersecurity expert Troy Hunt fell victim to a sophisticated phishing attempt that exploited his use of Mailchimp. Despite his expertise, Hunt was tricked into providing his credentials and two-factor authentication code, allowing attackers to compromise his email list. While the breach had minimal impact, it serves as a crucial reminder of the pervasive threat of phishing attacks, even for seasoned professionals.…
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
Summary: The Russian-speaking hacking group RedCurl has been identified for the first time as launching a ransomware campaign using a new strain named QWCrypt. Historically known for corporate espionage attacks, RedCurl’s latest activities include sophisticated social engineering tactics to deploy malware and encrypt virtual machines, severely disrupting their targets.…
Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
Summary: Threat actors are leveraging the Atlantis AIO Multi-Checker tool to automate credential stuffing attacks, allowing them to test millions of stolen credentials rapidly. This tool enables widespread unauthorized access to user accounts across various platforms and services, resulting in potential fraud and data theft. Organizations should implement strict password policies and multi-factor authentication to mitigate these risks.…
SnakeKeylogger: A Multistage Info Stealer Malware Campaign
The SnakeKeylogger campaign illustrates a sophisticated credential-stealing threat targeting both individuals and businesses. Utilizing multi-stage infection techniques, it cleverly evades detection while harvesting sensitive data from various platforms. Attackers employ malicious spam emails containing disguised executable files to initiate the infection. Affected: Individuals, Businesses, Email Clients, Web Browsers, FTP Clients.…
Unveiled the Threat Actors
This article explores various threat actors known for their significant cyber attacks, detailing their origins, techniques, and famous hacks. It categorizes these actors by their affiliations, such as state-sponsored and financially motivated groups, providing insight into their behaviors and methodologies. Affected: Government networks, financial institutions, healthcare, energy sector, retail, hospitality, media, technology, and more.…
Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease
Bitdefender has uncovered a widespread ad fraud scheme utilizing over 331 malicious apps on the Google Play Store, which have amassed more than 60 million downloads. These apps display unwanted ads and attempt to extract user credentials and credit card information through phishing tactics. The campaign shows how criminals actively exploit vulnerabilities in app distribution platforms, emphasizing the need for enhanced mobile security measures.…
Phishing campaign impersonates Booking dot com delivers a suite of credential stealing malware
A phishing campaign impersonating Booking.com has been identified targeting organizations within the hospitality sector, particularly in relation to travel. Using the ClickFix social engineering technique, this campaign seeks to steal credentials and engage in financial fraud, affecting various regions including North America and Europe. Affected: hospitality industry, Booking.com…
Coinbase phishing email tricks users with fake wallet migration
Summary: A deceptive phishing campaign targeting Coinbase users tricks recipients into creating a new wallet by providing a recovery phrase controlled by attackers. The emails falsely present a mandatory wallet migration and bypass email security checks, making them seem legitimate. Coinbase warns users to be vigilant and never use recovery phrases provided by emails.…
Phishing campaign impersonates Booking dot com delivers a suite of credential stealing malware
A phishing campaign identified by Microsoft Threat Intelligence targets the hospitality industry, impersonating Booking.com and utilizing the ClickFix social engineering technique to deliver credential-stealing malware. The campaign, ongoing since December 2024, aims at financial fraud by tricking users into executing malicious commands. Affected: hospitality organizations, Booking.com…