Financially Motivated Chinese Threat Actor SilkSpecter Targeting Black Friday Shoppers

SUMMARY :

A Chinese financially motivated threat actor, dubbed SilkSpecter, has been uncovered targeting e-commerce shoppers in Europe and USA with a phishing campaign leveraging Black Friday discounts. The actor uses fake discounted products as lures to steal Cardholder Data, Sensitive Authentication Data, and Personally Identifiable Information. SilkSpecter exploits the legitimate payment processor Stripe to complete genuine transactions while covertly exfiltrating sensitive data. The phishing sites use Google Translate to dynamically adjust the language based on the victim's IP location. The campaign is linked to a Chinese SaaS platform, oemapps, which enables the creation of convincing fake e-commerce sites. The phishing domains primarily use .top, .shop, .store, and .vip TLDs, often typosquatting legitimate e-commerce organizations.

OPENCTI LABELS :

phishing,financial fraud,e-commerce,chinese threat actor,oemapps,black friday,google translate,stripe


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Financially Motivated Chinese Threat Actor SilkSpecter Targeting Black Friday Shoppers