Cybersecurity researchers have uncovered a new cyber-threat involving fraudulent Skype, Google Meet and Zoom websites aimed at spreading malware.
The campaign, uncovered in December 2023 by Zscaler’s ThreatLabz, saw perpetrators distributing the SpyNote remote access Trojan (RAT) to Android users and NjRAT and DCRat to Windows users. These malicious URLs and files were identified on fake online meeting websites, posing significant risks to users.
The attackers utilized shared web hosting, housing all fake meeting sites on a single IP address, all in Russian. The fake sites closely mimicked genuine platforms, making them more convincing to unsuspecting users.
“When a user visits one of the fake sites, clicking on the Android button initiates the download of a malicious APK…
Source link