Attribute | Details |
---|---|
Threat Actors | Unknown phishing group targeting employees across multiple companies |
Campaign Overview | Ongoing sophisticated phishing campaign targeting employees across 12 industries and 15 jurisdictions |
Target Regions | Global, affecting companies across 12 industries worldwide |
Methodology | Phishing emails, advanced social engineering, dynamic branding, document impersonation |
Product Targeted | Email login credentials, document platforms like Adobe, Google AMP, DocuSign |
Malware Reference | Not specific malware mentioned, but techniques for stealing login credentials |
Tools Used | Command-and-Control (C2) servers, Telegram bots, trusted domain abuse, dynamic company branding |
Vulnerabilities Exploited | Abuse of trusted domains, impersonation of document platforms (DocuSign, Adobe) |
TTPs | Social engineering, C2 communications, dynamic branding, trusted domain abuse, impersonation tactics |
Attribution | Group-IB research, targeting employees across diverse industries and multiple companies globally |
Recommendations | Multi-factor authentication, employee security awareness training, advanced email filtering systems |
Source | Hackread |
Read full article: https://hackread.com/ongoing-phishing-campaign-targets-employees/
The above summary has been generated by an AI language model
Leave a Reply