One of our honeypots detected a URL spreading a botnet with a Monero miner bundled with a Perl-based backdoor component. The routine caught our attention as the techniques employed are reminiscent as those used in the Outlaw hacking group’s previous operation.
Read More
We discovered a new technical support scam (TSS) campaign that makes use of iframe in combination with basic pop-up authentication to freeze a user’s browser. Since this technique is new and unfamiliar, it can potentially evade detection.
Read More While doing a search for phishing pages with unique log-in characteristics, we came upon a phishing attack that involves using a legitimate tool called SingleFile as the obfuscation method to avoid detection.
Read More We discovered a phishing campaign targeting South Korean websites and users’ credentials using the watering hole technique. Labeling the campaign Soula, cybercriminals injected a malicious JS code in at least four websites for a fake login pop-up to appear at intervals before they can continue using the pages.
Read More
Tech support scams have diversified into new territory. They now use pop-up alerts and social engineering tactics to spread fake toll-free numbers and links of their fake tech support websites on popular social media platforms.
Read More