Trustwave specialists have revealed the secret of the popularity of the new PhaaS platform.
Researchers from Trustwave reported on the steady growth of PhaaS-a platform called Greatness, aimed at collecting Microsoft 365 user credentials.
Greatness is sold to other cybercriminals as a ready-made phishing kit with a supported infrastructure for just $120 per month, which reduces the entry threshold and helps even inexperienced hackers carry out large-scale attacks.
Attack chains include sending phishing emails with malicious HTML attachments that, when opened, redirect recipients to a fake login page and intercept the entered credentials.
To increase the probability of success, emails mimic trusted sources, such as banks and employers, and create a false sense of urgency, which is a classic technique of attackers.
The number of victims of the campaign is currently unknown, but Greatness is actively used and supported, having its own community in Telegram for sharing tips and methods of attacks.
In addition, phishing attacks have also been observed against South Korean companies that use decoys that mimic technology companies to distribute VenomRAT (aka AsyncRAT) through malicious Windows shortcut files (LNKS).
"Fake shortcut files disguised as legitimate documents are continuously being distributed," warns the AhnLab Security Analysis Center (ASEC). Users may mistake the shortcut file for a regular document, since the extension". LNK"is not displayed in the standard Windows Explorer.
Researchers from Trustwave reported on the steady growth of PhaaS-a platform called Greatness, aimed at collecting Microsoft 365 user credentials.
Greatness is sold to other cybercriminals as a ready-made phishing kit with a supported infrastructure for just $120 per month, which reduces the entry threshold and helps even inexperienced hackers carry out large-scale attacks.
Attack chains include sending phishing emails with malicious HTML attachments that, when opened, redirect recipients to a fake login page and intercept the entered credentials.
To increase the probability of success, emails mimic trusted sources, such as banks and employers, and create a false sense of urgency, which is a classic technique of attackers.
The number of victims of the campaign is currently unknown, but Greatness is actively used and supported, having its own community in Telegram for sharing tips and methods of attacks.
In addition, phishing attacks have also been observed against South Korean companies that use decoys that mimic technology companies to distribute VenomRAT (aka AsyncRAT) through malicious Windows shortcut files (LNKS).
"Fake shortcut files disguised as legitimate documents are continuously being distributed," warns the AhnLab Security Analysis Center (ASEC). Users may mistake the shortcut file for a regular document, since the extension". LNK"is not displayed in the standard Windows Explorer.
