Security News > 2023 > July > Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users

Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users
2023-07-26 10:52

Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data.

"These fake websites prompt users to download a supposed security tool, claiming it will enhance their portal navigation safety," Metabase Q security researchers Gerardo Corona and Julio Vidal said in a recent analysis.

The mechanics of the campaign proceeds thus: Visitors landing on the impersonated websites are urged to download software that supposedly safeguards their data while browsing the portal.

Users are lured via phishing sites set up to download legitimate apps like AnyDesk.

"[Fenix] compromises weak websites using vulnerable WordPress engines and also creates new domains to launch phishing campaigns," the researchers said, adding the group "Creates typosquatting domains similar to known apps like AnyDesk, WhatsApp, etc."

"We are seeing new malicious groups being created in LATAM to provide initial access to ransomware gangs," the researchers concluded.


News URL

https://thehackernews.com/2023/07/fenix-cybercrime-group-poses-as-tax.html