The publications are suspended, except for particular events, from 1 to 21 August. In the meantime, we are preparing some news for the second half of the year.
Technical analysis by the Malware Hunter JAMESWT
Roundcube’s Webmail targeted by cybercrime. New phishing campaign on alleged unsent messages. Using a fake provider login page, an attempt is made to steal credentials
A new e-mail-themed phishing campaign: the bait are alleged unsent messages.
Objective: to steal Roundcube Webmail credentials. The alleged victim is invited to open a link to view the emails in stock. This leads to a fake provider login page, where a username and password is required.
But, entering any combination, the same screen always reappears. In the meantime, however, the credentials have been stolen by cybercrime actors. The site, in fact, is registered in the name of third party users (hidden) and has no connection with Roundcube.