A threat actor is creating fake Skype, Google Meet, and Zoom meetings, mimicking these popular collaboration applications to spread various commodity malware that can steal sensitive data from both Android and Windows users.
The campaign, which began in December, demonstrates an emerging cybersecurity threat for corporate users, researchers from Zcaler’s ThreatLabz revealed in a blog post on March 6. The attackers are using shared Web hosting to host fake online meeting sites on a single IP address, leveraging various URLs that are convincingly similar enough to the actual websites of the services being impersonated. The Skype campaign, for instance, used “join-skype[.]info,” while Google Meet users were enticed to join meetings via “online-cloudmeeting[.]pro.” The Zoom campaign uses…
Source link
