Security News > 2022 > August > Phishing attack abuses Microsoft Azure, Google Sites to steal crypto
A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites.
Posting links to phishing pages on various legitimate sites aims to increase traffic and boost the malicious site's search engine rankings.
Because the phishing sites are hosted in Microsoft and Google services, they aren't flagged by automated moderator systems, allowing promotional messages to stay in the comment section for longer.
Google Sites is a free web page creation tool, part of Google's online service suite, allowing users to create websites and host them on Google Cloud or other providers.
The sites are just landing pages, and their visitors are redirected to the actual phishing sites when they click on the "Login" buttons.
For the crypto exchange phishing pages, the threat actors attempt to steal their login credentials.
News URL
Related news
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- iOS devices face twice the phishing attacks of Android (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
- Tycoon2FA phishing kit targets Microsoft 365 with new tricks (source)
- Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)