Security News > 2022 > November > Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns

The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors.

The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery, wherein the victims are social engineered into making a phone call through phishing emails containing invoices and subscription-themed lures.

Palo Alto Networks Unit 42 said the attacks are the "Product of a single highly organized campaign," adding, "This threat actor has significantly invested in call centers and infrastructure that's unique to each victim."

In reality the victims are routed to an actor-controlled call center and connected to a live agent on the other end, who ends up installing a remote access tool for persistence.

The campaign may be resource intensive, but is also technically less sophisticated and likely to have a much higher success rate than other phishing attacks.

The Luna Moth actor, also known as Silent Ransom, has become an expert of sorts when it comes to pulling off such schemes.

News URL

https://thehackernews.com/2022/11/luna-moth-gang-invests-in-call-centers.html