Skip to main content

WhatsApp voicemail phishing attack targets nearly 28K organizations

posted onApril 5, 2022
by l33tdawg
SC Magazine
Credit: SC Magazine

Researchers on Monday reported on a WhatsApp voicemail phishing attack from Russia that targeted nearly 28,000 organizations across healthcare, education and retail.

In a blog post, Armorblox researchers said the attacks combine the following techniques: social engineering, brand impersonation, exploiting a legitimate domain, and replicating an existing business email workflow to get victims to click on the “Play” button to view the allegedly secure email message. Once the victim clicks on the “Play” link in the email, they are redirected to a page that attempts to install a trojan horse, JS/Kryptik.

The researchers said the domain of the email sender was “mailman.cbddmo.ru,” a legitimate domain associated with an agency in Russia’s Ministry of Internal Affairs that provides assistance to road safety operations. The Armorblox researchers theorize that “it’s possible” the attackers exploited a depracated or old version of this agency’s parent domain to send the malicious emails. They said the emails did pass all SPF and DMARC authentication checks.

Source

Tags

Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th