In a blog post, the Microsoft 365 Defender Threat Intelligence Team shares that the campaign began with the objective of harvesting usernames, and passwords, but has since moved on to collate other information such as IP addresses and the location of its victims, which the attackers supposedly use in later infiltration attempts.
“This phishing campaign exemplifies the modern email threat: sophisticated, evasive, and relentlessly evolving,” the researchers note.
TechRadar needs you!
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
- Shield yourself with these best identity theft protection services
- Here’s our choice of the best malware removal software on the market
- Check our list of the best firewall apps and services
Since the campaign includes various details about the targets, such as their email address and company logo to appear genuine, Microsoft believes the attackers had garnered these details during an earlier reconnaissance exercise.
Constantly evolving threat
The security researchers note that this campaign is also a prime example of how email-based attacks continue to make novel attempts to bypass email security solutions.
For instance, to keep the security teams on their toes, the attackers changed obfuscation and encryption mechanisms every 37 days on average.
“These attackers moved from using plaintext HTML code to employing multiple encoding techniques, including old and unusual encryption methods like Morse code, to hide these attack segments,” share the researchers, noting that some of the code segments of the campaign reside in various open directories and are called by encoded scripts.
Comparing it to a jigsaw puzzle, the researchers noted that the pieces of the campaign appear harmless individually, and only reveal their sinister intent once they are combined.
- Protect your devices with these best antivirus software
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.