The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: Smishing Attack

Hackers Behind Twilio Breach Also Targeted Cloudflare Employees

Hackers Behind Twilio Breach Also Targeted Cloudflare Employees

August 10, 2022Ravie Lakshmanan
Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated  phishing attack against Twilio . The attack, which transpired around the same time Twilio was targeted, came from four phone numbers associated with T-Mobile-issued SIM cards and was ultimately unsuccessful. The text messages pointed to a seemingly legitimate domain containing the keywords "Cloudflare" and "Okta" in an attempt to deceive the employees into handing over their credentials. The wave of over 100 smishing messages commenced less than 40 minutes after the rogue domain was registered via Porkbun, the company noted, adding the phishing page was designed to relay the credentials entered by unsuspecting users to the attacker via Telegram in real-time. This also meant that the attack could defeat 2FA roadblocks, as the Time-based On
Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack

Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack

August 09, 2022Ravie Lakshmanan
Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "well-organized" and "methodical in their actions." The incident came to light on August 4. "This broad based attack against our employee base succeeded in fooling some employees into providing their credentials," it  said  in a notice. "The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data." The communications giant has  268,000 active customer accounts , and counts companies like Airbnb, Box, Dell, DoorDash, eBay, Glassdoor, Lyft, Salesforce, Stripe, Twitter,
Overview of Top Mobile Security Threats in 2022

Overview of Top Mobile Security Threats in 2022

June 28, 2022The Hacker News
Your smartphone is your daily companion. The chances are that most of our activities rely on them, from ordering food to booking medical appointments. However, the threat landscape always reminds us how vulnerable smartphones can be.  Consider the recent  discovery by Oversecured , a security startup. These experts observed the dynamic code loading and its potential dangers. Why is this a problem? Well, the Google app uses code that does not come integrated with the app itself. Okay, this might sound confusing, but it all works in favor of optimizing certain processes. Thus, Google exploits code libraries pre-installed on Android phones to reduce their download size. In fact, many Android apps use this trick to optimize the storage space needed to run.  As revealed by Oversecured, perpetrators could compromise this retrieval of code from libraries. Instead of Google obtaining code from a reliable source, it could be tricked into taking code from malicious apps operating on the devic
FluBot Android Spyware Taken Down in Global Law Enforcement Operation

FluBot Android Spyware Taken Down in Global Law Enforcement Operation

June 01, 2022Ravie Lakshmanan
An international law enforcement operation involving 11 countries has culminated in the takedown of a notorious mobile malware threat called  FluBot . "This Android malware has been spreading aggressively through SMS, stealing passwords, online banking details and other sensitive information from infected smartphones across the world," Europol  said  in a statement. The "complex investigation" included authorities from Australia, Belgium, Finland, Hungary, Ireland, Romania, Spain, Sweden, Switzerland, the Netherlands, and the U.S. FluBot , also called Cabassous, emerged in the wild in December 2020, masking its insidious intent behind the veneer of seemingly innocuous package tracking applications such as FedEx, DHL, and Correos.  It primarily spreads via smishing (aka SMS-based phishing) messages that trick unsuspecting recipients into clicking on a link to download the malware-laced apps. Once launched, the app would proceed to request access to Android
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.