Security News > 2022 > August > Phishing attack abuses Microsoft Azure, Google Sites to steal crypto
A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites.
Posting links to phishing pages on various legitimate sites aims to increase traffic and boost the malicious site's search engine rankings.
Because the phishing sites are hosted in Microsoft and Google services, they aren't flagged by automated moderator systems, allowing promotional messages to stay in the comment section for longer.
Google Sites is a free web page creation tool, part of Google's online service suite, allowing users to create websites and host them on Google Cloud or other providers.
The sites are just landing pages, and their visitors are redirected to the actual phishing sites when they click on the "Login" buttons.
For the crypto exchange phishing pages, the threat actors attempt to steal their login credentials.
News URL
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)