Pick your Poison - A Double-Edged Email Attack

SUMMARY :

A sophisticated cyber-attack has been identified by the Cofense Phishing Defense Center, combining phishing techniques targeting Office365 credentials with malware delivery. The campaign uses a file deletion reminder as bait, exploiting a legitimate file-sharing service to increase credibility. Users are led to a fake Microsoft login page or prompted to download malware disguised as a OneDrive installer. The attack employs ConnectWise RAT, a legitimate remote administration tool exploited for malicious purposes. The malware establishes persistence through system services and registry modifications, highlighting the need for enhanced user awareness and education to combat such dual-threat approaches.

OPENCTI LABELS :

phishing,credential theft,connectwise rat,office365,file-sharing


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Pick your Poison - A Double-Edged Email Attack