| Attribute | Details |
|---|---|
| Threat Actors | Unknown phishing group targeting employees across multiple companies |
| Campaign Overview | Ongoing sophisticated phishing campaign targeting employees across 12 industries and 15 jurisdictions |
| Target Regions | Global, affecting companies across 12 industries worldwide |
| Methodology | Phishing emails, advanced social engineering, dynamic branding, document impersonation |
| Product Targeted | Email login credentials, document platforms like Adobe, Google AMP, DocuSign |
| Malware Reference | Not specific malware mentioned, but techniques for stealing login credentials |
| Tools Used | Command-and-Control (C2) servers, Telegram bots, trusted domain abuse, dynamic company branding |
| Vulnerabilities Exploited | Abuse of trusted domains, impersonation of document platforms (DocuSign, Adobe) |
| TTPs | Social engineering, C2 communications, dynamic branding, trusted domain abuse, impersonation tactics |
| Attribution | Group-IB research, targeting employees across diverse industries and multiple companies globally |
| Recommendations | Multi-factor authentication, employee security awareness training, advanced email filtering systems |
| Source | Hackread |
Read full article: https://hackread.com/ongoing-phishing-campaign-targets-employees/
The above summary has been generated by an AI language model
Leave a Reply