Project Phantom, which complements SlashNext's messaging security platform, bypasses obfuscation techniques used by threat actors to block security services from analyzing phishing sites.
Comparable tactics, techniques, and procedures have been leveraged by North Korean threat group Konni, which has been tied to Kimsuky, in its escalating cyberespionage operations against Russia and South Korea.
Attacks involved the creation of several ads redirecting to spoofed versions of Lowe's MyLowesLife employee portal in a bid to compromise credentials from current and former workers, according to a report from Malwarebytes Labs.
Attacks spreading the BeaverTail malware variant, which steals credentials and cryptocurrency wallet assets and delivers the information-stealing, Python-based InvisibleFerret backdoor, were initially conducted by Lazarus Group via fake job offers that dupe targets into executing a malicious Node.js project.
Combine the financial sector’s high online usage with its need to make speedy decisions, and it’s easy to understand why hackers use file-sharing services to prey on this vertical.
Median Bitcoin ATM fraud losses between January and June totaled $10,000, with losses over three times more likely to be reported by seniors, compared with younger adults.
After identifying cryptocurrency and decentralized firms that could be compromised, North Korean hackers target employees with investment or employment lures under the guise of known contacts.
Threat actors distributed phishing emails with malicious ZIP files containing a Word-spoofing LNK file purporting to be a list of individuals who committed remote control software regulation violations, which facilitates the deployment of a Microsoft binary and a DLL file concealing Cobalt Strike.