Attacks involving spoofed Google Meet, Zoom, and Skype websites have been launched to facilitate the deployment of various remote access trojans since December, according to The Hacker News.
Windows systems impacted by the attacks were compromised with the NjRAT and DCRat trojans, while SpyNote RAT was distributed in targeted Android devices, a report from Zscaler ThreatLabz revealed. Typosquatting tactics have been leveraged by threat actors to lure targets into downloading the apps from the fraudulent sites, which were discovered to have buttons enabling downloads across various operating systems. However, attacks are believed not to have been targeted at iOS devices, as the site's button for iOS redirected to the Skype app in the official Apple App Store. Such findings come after Windows and Linux systems were reported by the AhnLab Security Intelligence Center to have been targeted by attacks exploiting the free online notepad platform aNotepad to spread the WogRAT malware.
