Families of U.S. military workers and individuals looking to have romantic relationships with soldiers are being actively targeted by an enduring phishing campaign that involves fraudsters spoofing military support organizations and personnel, VentureBeat reports.
Suspected threat actors behind the operations have been seeking to exfiltrate victims' names, bank account data, phone numbers, addresses, and photo identification, in an effort to facilitate future identity theft attacks and bank account theft, according to a Lookout Threat Lab report.
Researchers were able to link the attacks to Nigeria after discovering that Nigerian providers mainly hosted the websites they used. One of the web developers also accidentally left a phone number with the Nigerian country code on the website's draft.
Poor operational security practices have made tracking the group easier for researchers, who have also associated the group with 50 military scam sites, as well as other scams that involve cryptocurrency trading, phony delivery services, and banks.
Millions of Tenda, Netgear, Western Digital, TP-Link, D-Link, and EDiMAX end-user routers are being affected by a high-severity buffer overflow vulnerability in the KCodes NetUSB component, a Linux kernel module allowing local network-connected devices to offer USB-based services.
Thirty-three percent of Americans experienced one or more cyberattacks last year, nearly half of whom were victimized by phishing attacks, as cybersecurity incidents across the U.S. rose by 27%, compared with 2020.