Tag Archives: hijacked

Domain names are getting hijacked undetected by Sitting Ducks attacks. The attack occurs without compromising the linked account, which the DNS provider should secure. The damage the attack causes can be extensive: cybercriminals are given the opportunity to spread malware and phishing under the domain name.

DNS providers are the target of Sitting Ducks attacks. Such attacks allow cybercriminals to hijack domain names and then abuse them. Abuse can take the form of malware, phishing campaigns, brand impersonation and data exfiltration. A Cobalt Strike would have already been illegally distributed in this way.

Researchers at Infoblox and Eclypsium investigated this method of attack and discovered active abuse at several DNS providers. This provider shares in…

A new hacking campaign has been spotted in which the attackers are abusing legitimate cloud storage services to host malicious payloads.

In a research report, Securonix said that the campaign starts with a phishing email containing a .ZIP archive. When unzipped, the archive delivers an executable file that was made to look like an Excel file. The file uses a hidden left-to-right override (RLO) Unicode character, reversing the order of the characters that follow.

New research has revealed that threat actors are leveraging Facebook messages to deploy a sophisticated Python-based infostealer, known as Snake.

Researchers at Cyberason have shared details of the attack, indicating that Snake’s primary objective is to capture sensitive data and credentials from unsuspecting users.