Security News > 2024 > October > GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks
2024-10-11 17:13
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were
News URL
https://thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- QR codes bypass browser isolation for malicious C2 communication (source)
- Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)