Security News > 2024 > October > GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks
2024-10-11 17:13
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were
News URL
https://thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
Related news
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- GoIssue phishing tool targets GitHub developer credentials (source)
- PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- QR codes bypass browser isolation for malicious C2 communication (source)
- Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)