Phoenix IT

Author: origin

Fake Trading Apps Target Victims Globally via Apple App Store and Google Play

Fake Trading Apps Target Victims Globally via Apple App Store and Google Play

A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that’s also widely known as pig butchering, in which prospective victims are lured into making investments in cryptocurrency

Read More
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the activity cluster as aligned to China, leveraging tools previously identified as used by the Mustang Panda actor. “The group constantly updates its

Read More
Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw

Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw

Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra’s postjournal service that could enable unauthenticated attackers to execute arbitrary commands on

Read More
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. “The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in

Read More