Mama mia! Nintendo in need of a plumber after leak sprays N64, GameCube, Wii code

2020-05-11 11:43

With so many people working from home, it should come as no surprise that WebEx accounts have become a target for phishing.

A stolen account would let an attacker potentially spy on company meetings and social engineer further accounts and data thefts.

Pretty standard phishing operation, but for people not used to having their WebEx accounts targeted, it could prove effective.

If a PDF or Word document was hosted on Cloudfront, and this document contained sensitive information - such as what accounts a customer should send money to - then the hacker would be able to switch that document out with their own version. In that way, they'd be able to change the real account number to his own, and thereby steal the customer's money," the researchers explained.

The ruse does not end once the mark hands over their account and payment card details either, as the phishing page then throws up an error message and redirects back to the EE website.

News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/11/infosec_roundup/

#leak #nintendo