Tag Archives: lures

IntroductionBeginning in December 2023, Zscaler’s ThreatLabz discovered a threat actor creating fraudulent Skype, Google Meet, and Zoom websites to spread malware. The threat actor spreads SpyNote RAT to Android users and NjRAT and DCRat to Windows users. This article describes and shows how the threat actor’s malicious URLs and files can be identified on these fraudulent online meeting websites.

Key Takeaways
A threat actor is distributing multiple malware families using fake Skype, Zoom, and Google Meet websites.
The threat actor is distributing Remote Access Trojans (RATs) including SpyNote RAT for Android platforms, and NjRAT and DCRat for Windows systems.

Campaign OverviewThe attacker utilized shared web hosting, hosting all these fake online meeting sites on a single IP…

Leading perpetrator of online investment scams, which cost Australians and New Zealanders billions of dollars, unmasked in new report.

Infoblox has released a report unmasking Savvy Seahorse as a leading perpetrator of online cybercriminal investment scam websites.

The threat actor has operated in the shadows since at least 2021 and its target victims include people in Australia and New Zealand (A/NZ).

Savvy Seahorse uses Facebook ads to lure in victims and convince them to open accounts, make deposits and invest in companies including Tesla and Meta.

Once deposited, the cybercriminal gang then transfers the funds to a bank in Russia.

Its tactics, techniques, and procedures (TTPs) also include ChatGPT and WhatsApp bots imitating online webchats to encourage victims…