Hackers use Bit.ly, BlogSpot, and Pastebin to distribute RevengeRAT
infosec

Hackers use Bit.ly, BlogSpot, and Pastebin to distribute RevengeRAT

A new survey by the Palo Alto Networks Unit 42 revealed a malicious campaign that took place in March and ...
Read More
infosec

Car Hacking: More likely to be done by a mechanic than by a hacker

When we talk about car hacking, it comes to mind a hacker who gets remote access to the car system ...
Read More
infosec

Sri Lanka: Blocks access to social media

The government of Sri Lanka has temporarily blocked access to various social media services following deadly explosions that erupted ...
Read More
infosec tweaks

How to hack networks with Wi-Fi passwords

Probably you have a Wi-Fi network in your home or stay close to one (or more) that appears in ...
Read More
infosec tweaks

What is Social Engineering, what are its techniques and how to protect yourself?

Social Engineering is the term used for a wide range of malicious activities that are accomplished through human interactions. Uses the ...
Read More
Latest Posts

Beware of 2 new phishing campaigns related to Mundial 2018

Two phishing campaigns made their appearance and concern both the FIFA World Cup organization (Mundial 2018) and one of its long-term partners, Adidas.

Phishing

One campaign tries to tempt victims to click on a malicious link under the guise of getting a program of matches and team workouts as well as a tracker of results.

The second campaign gives you, a free 50 dollar registration per month at website who advertise Adidas shoes.

Check Point was the one who discovered the phising effort associated with the start of the World Cup and is aimed at football fans. A known malware commonly used to install programs (PUP), toolbars, adware or system optimizer is called DownloaderGuide and is incorporated as an attachment to these emails. The researchers discovered nine different executables that were delivered to emails: "World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager".

The company said the campaign culminated in June 5, but it reappeared shortly before the start of the Games. "Events that attract a large percentage of people are considered by cybercriminals as a golden opportunity to launch new campaigns," said Maya Horowitz, director of Checkpoint's Intelligent Threat.

The second phishing campaign, targeting Adidas customers, uses a different tactic to trick the different users. This is the so-called homographic attack which in our case uses a vertical line in the position where Adidas should be "i". "The use of punycode-based email and domain is an increasingly used technique to get users down and get infected," said Matthew Gardiner, a security expert.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *