Search Results for: phishing attacks

February 1, 2024 Cybersecurity researchers are calling attention to the “democratization” of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. “This messaging app has transformed into a bustling hub where seasoned cybercriminals and newcomers alike exchange …

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware Read More »

December 26, 2023 The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB’s formal exit from Russia earlier this year. Cloud Atlas, active since at …

Cloud Atlas’ Spear-Phishing Attacks Target Russian Agro and Research Companies Read More »

November 22, 2023 Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them. Quishing …

How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography Read More »

November 21, 2023 Phishing campaigns delivering malware families such as DarkGate and PikaBot are following the same tactics previously used in attacks leveraging the now-defunct QakBot trojan. “These include hijacked email threads as the initial infection, URLs with unique patterns that limit user access, and an infection chain nearly identical to what we have seen …

DarkGate and PikaBot Malware Resurrect QakBot’s Tactics in New Phishing Attacks Read More »

September 28, 2023 A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a “high technical level and cautious attack attitude,” adding that “the phishing attack activity captured this time is part of the attacker’s targeted …

Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors Read More »

August 18, 2023 An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors. The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called Duke, which has been attributed to APT29 (aka BlueBravo, Cloaked …

Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks Read More »

April 20, 2023 Elite hackers associated with Russia’s military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google’s Threat Analysis Group (TAG), which is monitoring the activities of the actor under the name FROZENLAKE, said the attacks continue the “group’s 2022 focus Article posted …

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine Read More »

December 24, 2022 A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that’s used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. “.LNK files are used to initiate code execution which …

Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials Read More »

October 12, 2022 The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. The scheme eventually acts as an entry point to conduct financial fraud or the delivery of next-stage payloads such as ransomware, cybersecurity company Trellix said in a report published last …

BazarCall Call Back Phishing Attacks Constantly Evolving Its Social Engineering Tactics Read More »

October 8, 2022 In what’s a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create “realistic desktop phishing applications.” Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window, while …

Hackers Can Use ‘App Mode’ in Chromium Browsers’ for Stealth Phishing Attacks Read More »