APT pushes Holiday gift card scam in ploy targeting last-minute shoppers

18 December 2023

More advanced email and SMS phishing attacks have been launched by the Storm-0539 threat operation to achieve gift card fraud and theft against organizations in the retail industry amid the holiday shopping season, The Hacker News reports. After exfiltrating targets’ credentials and session tokens through adversary-in-the-middle phishing pages attached to malicious links sent in the phishing emails, Storm-0539 then includes its device for secondary authentication to evade multi-factor authentication and establish persistence before performing lateral movement and stealing sensitive data from cloud resources, said the Microsoft Threat Intelligence team in a series of posts on X, formerly Twitter.

Source: SC Magazine

Date:

18 December 2023

Categorie(s):

NEWS

Tag(s):

APT, Holidays, Identity Theft, IT, Phishing

Microsoft plans to lock down Windows DNS like never before. Here’s how.4 May 2024
Kaspersky hits back at claims its AI helped Russia develop military drone systems4 May 2024
Kaspersky hits back at claims it helped Russia develop military drone systems3 May 2024
Smoke and (screen) mirrors: A strange signed backdoor3 May 2024
Kaspersky accused of helping Russia develop military drone systems3 May 2024