Security News > 2024 > October > GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks
2024-10-11 17:13
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were
News URL
https://thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
Related news
- Microsoft Sway abused in massive QR code phishing campaign (source)
- New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials (source)
- Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- Foiling bot attacks with AI-powered telemetry (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)