Security News > 2020 > October > Hackers now abuse BaseCamp for free malware hosting
Phishing campaigns have started to use Basecamp as part of malicious phishing campaigns that distribute malware or steal your login credentials.
As Basecamp offers a free license, users get free hosting that they can use to distribute any type of file they want.
By using Basecamp URLs, threat actors can create carefully constructed and targeted campaigns to infiltrate a network as users may feel that the file is from their Basecamp project.
In a report by cybersecurity firm Cyjax, Thomas explains that phishing campaigns are now abusing Basecamp to host intermediary pages that redirect users to phishing landing pages.
"This technique is effective because Basecamp and Google Cloud hosting are often used for business operations and are regarded as safe by default by most detection systems. Cloud platforms also preserve the anonymity of their users and can be set up in no time at all. They are difficult for human SOC analysts to recognise as a threat because the traffic to and from these services appears legitimate," Thomas explains in his report.
News URL
https://www.bleepingcomputer.com/news/security/hackers-now-abuse-basecamp-for-free-malware-hosting/
Related news
- Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware (source)
- Hackers use PHP exploit to backdoor Windows systems with new malware (source)
- South Korean hackers exploited WPS Office zero-day to deploy malware (source)
- Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (source)
- Fake OnlyFans cybercrime tool infects hackers with malware (source)
- GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware (source)
- Chinese hackers use new data theft malware in govt attacks (source)
- North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware (source)
- North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware (source)
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)