phishing
Over 3,000 GitHub accounts used by malware distribution service
Threat actors known as ‘Stargazer Goblin’ have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake accounts on GitHub that push information-stealing malware. The malware delivery service is called Stargazers Ghost Network and it utilizes GitHub repositories along with compromised WordPress sites to distribute password-protected archives that contain malware. In most cases, the malware are infostealers, such […]
Attackers Exploit URL Protections to Disguise Phishing Links
Cybercriminals are abusing legitimate URL protection services to disguise malicious phishing links, Barracuda researchers have revealed. The firm observed phishing campaigns using three different URL protection services to mask phishing URLs and send victims to websites designed to harvest their credentials. The researchers believe these campaigns have targeted hundreds of companies to date, if not […]
New phishing tactic hijacks email protections to mask links
Email security company Barracuda exposed a recent phishing campaign that uses legitimate URL protection services to mask malicious email links. The new phishing tactic was revealed in a Barracuda blog post Monday, and has been leveraged in attacks beginning around mid-May 2024. The attacks take advantage of the legitimacy of URL protection services used by […]