skip to Main Content

Roundcube’s Webmail targeted by cybercrime

Technical analysis by the Malware Hunter JAMESWT

Roundcube’s Webmail targeted by cybercrime. New phishing campaign on alleged unsent messages. Using a fake provider login page, an attempt is made to steal credentials

A new e-mail-themed phishing campaign: the bait are alleged unsent messages.

Objective: to steal Roundcube Webmail credentials. The alleged victim is invited to open a link to view the emails in stock. This leads to a fake provider login page, where a username and password is required.

But, entering any combination, the same screen always reappears. In the meantime, however, the credentials have been stolen by cybercrime actors. The site, in fact, is registered in the name of third party users (hidden) and has no connection with Roundcube.

Back To Top