Security News > 2021 > April > APT Group Using Voice Changing Software in Spear-Phishing Campaign

APT Group Using Voice Changing Software in Spear-Phishing Campaign
2021-04-06 14:33

A sub-group of the 'Molerats' threat-actor has been using voice-changing software to successfully trick targets into installing malware, according to a warning from Cado Security.

In recent attacks targeting political opponents, APT-C-23 appears to have taken the spear-phishing to a new level, through the use of voice-changing software to pose as women.

"APT-C-23 has been observed impersonating women to engage victims in conversations. As the conversations continue, the group sends video laden with malware to infect the target's system," Cado Security said.

While analyzing a publicly exposed server pertaining to the hacking group, Cado Security researchers identified an archive containing photos from the Instagram account of a female model, along with the installation for the voice changing application Morph Vox Pro.

"Given the context of both previous APT-C-23 attacks and the other contents of the folder, we think the most likely explanation for MorphVox being part of their toolset is that it was used to produce audio messages in a female voice to encourage targets to install their malware," the company said.

On the same server, the researchers identified various tools employed by the attacks, such as the application used to bulk-send phishing emails, another to hack Voice over IP systems, one with example commands to find vulnerable routers, and a folder containing a Microsoft credential phishing page.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/ii-bL2yFQ2Q/apt-group-using-voice-changing-software-spear-phishing-campaign