Phishing, Threat Intelligence

Novel techniques leveraged to fuel recent phishing campaigns


Threat actors have become increasingly creative in recent phishing campaigns, which have involved new attack techniques, reports The Hacker News.

Insurance and finance industry organizations have been targeted with the Remcos RAT payload in a new phishing attack that abuses GitHub comments to insert links redirecting to legitimate open-source tax software repositories instead of unknown repositories, according to a Cofense report. "Emails with links to GitHub are effective at bypassing SEG security because GitHub is typically a trusted domain. GitHub links allow threat actors to directly link to the malware archive in the email without having to use Google redirects, QR codes, or other SEG bypass techniques," said Cofense researcher Jacob Malimban.

Such findings follow an analysis from ESET detailing the escalating attacks by Telekopye Telegram toolkit threat actors against Airbnb, Booking.com, and other accommodation platforms aimed at exfiltrating users' financial information since July.

Barracuda Networks also reported that malicious actors have exploited blob URLs and ASCII- and Unicode-based QR codes to better conceal phishing activity.
