Hacker Exploit Social Security Statement Theme to Target Over 2,000 Victims with Malware
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A sophisticated phishing campaign has targeted over 2,000 individuals by exploiting the theme of official Social Security statements. Cybercriminals used a convincing phishing lure, mimicking legitimate communication from the Social Security Administration. The attack involved a URL directing victims to a phishing page hosted on Amazon Web Services, enhancing its perceived legitimacy. Users were tricked into downloading and executing malware, which is a .NET application loader that installs ScreenConnect, establishing a silent connection to the attacker's command-and-control server. The malware's behavior includes loading additional files and executing a primary backdoor component. The campaign's impact is significant, with a large percentage of targeted users unknowingly installing the malware.
OPENCTI LABELS :
backdoor,phishing,screenconnect,remote-access,.net-loader,amazon-aws,social-security
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Hacker Exploit Social Security Statement Theme to Target Over 2,000 Victims with Malware