Cisco Talos cybersecurity experts: The attacker, a single actor, deploys a variety of malware, such as DcRAT and QuasarRAT, via diplomatic and humanitarian lures.
Technical analysis by the Malware Hunter JAMESWT
eBay bait for the new phishing campaign in Italy. The link in an email points to a fake auction site page. If the user tries to log in with his or Facebook, Google and Apple credentials, they will be stolen
An ordered and undelivered product and a fake eBay page are the bait of a new phishing campaign, which has just arrived in Italy. The email threatens to contact the police if the product is not delivered within 24 hours and the order number is provided.
This contains a link that points to a fake page on the online auction site, where you are asked to enter your username and password. Or, alternatively, log in via Facebook, Google or Apple.
After entering the data, the victim is directed to the real eBay login page. In the meantime, however, the cyber criminals behind the scam have stolen his login credentials or those of other platforms through which the user will try to log in.