Effective Phishing Campaign Targeting European Companies and Institutions
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A sophisticated phishing operation targeting European automotive, chemical, and industrial manufacturing companies has been uncovered. The campaign, which peaked in June 2024, used HubSpot Free Form Builder and Docusign-enabled PDFs to harvest account credentials and infiltrate Microsoft Azure cloud infrastructures. Approximately 20,000 users were targeted across various European organizations. The attackers employed multiple redirection techniques, custom user-agent strings, and Bulletproof VPS hosts to evade detection. Once access was gained, the threat actors attempted to maintain persistence by adding new devices to compromised accounts. The campaign highlights the ongoing threat of targeted phishing attacks against corporate cloud infrastructures.
OPENCTI LABELS :
phishing,persistence,credential harvesting,redirection,docusign,european companies,hubspot,microsoft azure
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Effective Phishing Campaign Targeting European Companies and Institutions