Tag Archives: hackers

Savvy Seahorse Hackers Leverage DNS CNAME Records

Cybersecurity researchers unveiled a sophisticated scam operation, “Savvy Seahorse,” exploiting victims through advanced DNS manipulation techniques.

This operation, active since at least August 2021, has flown under the radar by leveraging DNS canonical name (CNAME) records to create a dynamic and elusive traffic distribution system (TDS) for financial scam campaigns.

A Novel Approach to Cybercrime

Savvy Seahorse’s campaigns are not your typical phishing attempts. They incorporate fake ChatGPT and WhatsApp bots that provide automated responses, luring victims into providing personal information under the guise of high-return investment opportunities.

These campaigns target a wide range of language speakers, including Russian, Polish,…



Hackers Target Azure Accounts With Malware-Laden Shared Documents

A campaign to hack into Azure Cloud accounts is targeting senior executives at a wide range of organizations, affecting hundreds of user accounts so far, according to California-based cybersecurity firm Proofpoint.

“In late November 2023, Proofpoint researchers detected a new malicious campaign, integrating credential phishing and cloud account takeover (ATO) techniques,” Proofpoint said in an advisory post. The firm notes that the attack is still ongoing.

The advisory post explains the technical details of the hacks, but in short, threat actors use shared documents that are individualized to the target as phishing lures. The document links, however, redirect users to a malicious phishing web page, where account details are stolen.

Once stolen, attackers register their multi-factor…



Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions

Apr 13, 2023 | Ravie Lakshmanan | Malware / Cyber Attack

The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the Indian education sector using a continuously maintained piece of malware called Crimson RAT.

While the suspected Pakistan-based threat group is known to target military and government entities in the country, the activities have since expanded to include the education vertical.

The hacking group, also called APT36, Operation C-Major, PROJECTM, and Mythic Leopard, has been active as far back as 2013. Educational institutions have been at the receiving end of the adversary’s attacks since late 2021.

“Crimson RAT is a consistent staple in the group’s malware arsenal the adversary uses in its campaigns,”…



GoDaddy Hacked! Malware Deployed On GoDaddy Servers, Source Code Stolen By Hackers – Trak.in

Web hosting platform GoDaddy has revealed that, in a multi-year intrusion, cyber-criminals gained access to its systems, installed malware on its network and stole parts of its source code.

In order to further investigate the issue, the company said that it is working with multiple law enforcement agencies around the world, in addition to forensics experts.

GoDaddy Targeted by Cyber Criminals

The company said in a statement that “We have evidence, and law enforcement has confirmed, that this incident was carried out by a sophisticated and organised group targeting hosting services like GoDaddy”.

The hackers’ goal was to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities. GoDaddy revealed in a US Securities and…



GoDaddy says servers were attacked by hackers that stole code and installed malware

GoDaddy website servers are some of the latest to fall victim to hackers seeking to install malware and cause intermittent redirections on customer websites.

The website hosting company shared the news in its 10-K filing with the Securities and Exchange Commission last week, explaining a “sophisticated threat actor” conducted the hacking campaign for two years.

GoDaddy logo displayed on a phone screen and binary code displayed on a laptop screen are seen in this illustration photo.

GoDaddy officials said in the filing, “In March 2020, we discovered a threat actor compromised the hosting login credentials of approximately 28,000 hosting customers to their hosting accounts, as well as the login credentials of a small number of our personnel.”


