Security News > 2023 > June > Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants
Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle phishing and business email compromise attack, Microsoft has revealed.
"The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and follow-on BEC activity spanning multiple organizations," the tech giant disclosed in a Thursday report.
This enabled the attackers to flexibly tailor the phishing pages to their targets and carry out session cookie theft, underscoring the continued sophistication of AitM attacks.
"The attacker presented targets with a website that mimicked the sign-in page of the targeted application, as in traditional phishing attacks, hosted on a cloud service," Microsoft said.
Ultimately, the recipients of the phishing emails are targeted by a second AitM attack to steal their credentials and trigger yet another phishing campaign from the email inbox of one of the users whose account was hacked as a result of the AitM attack.
The development comes less than a month after Microsoft warned of a surge in BEC attacks and the evolving tactics employed by cybercriminals, including the use of platforms, like BulletProftLink, for creating industrial-scale malicious mail campaigns.
News URL
https://thehackernews.com/2023/06/microsoft-uncovers-banking-aitm.html
Related news
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks (source)
- New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S. (source)
- Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks (source)
- New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)