Cyber Attack Alert: Malware Sending Millions of Fake Emails, Microsoft Alerts
A threat actor under the moniker “DEV-1101” has developed a kit used to set up phishing scams using a program (also known as a RaaS) that mimics the design of Microsoft Office and Outlook revealed Microsoft Threat Intelligence. The program deploys AiTM phishing which can bypass MFA’s and CAPTCHA checks. Once a victim’s credentials have been stolen by a user, it also makes a copy to send to the creator of the kit!
The developed RaaS kit can also run through a ‘Telegram bot’ allowing threat actors to manage the software with a mobile device. One user of the kit called “DEV-0928” has reportedly sent over 1 million emails since September 2022. Currently, the malicious product has a monthly subscription price of $450 AUD or $1,500 AUD for VIP users.
"Inserting a CAPTCHA page into the phishing sequence could make it more difficult for automated systems to reach the final phishing page, while a human could easily click through to the next page," Microsoft stated.
RaaS (Ransomware-as-a-Service), What are they and why do they exist?
RaaS were created by threat actors to service as a business model for other threat actors, who may be unable to create their own malicious program or not have the time. Clients of the RaaS use the chosen program to deploy malicious content upon unsuspicous victims. A RaaS can work like any other program, such as Adobe programs or Microsoft’s Word, with features that can include 24/7 support, offers, reviews and help guides.
There are Four Types of revenues a RaaS can produce for it’s operator/creator:
1. Monthly subscription for a flat fee
2. Affiliate programs, which are the same as a monthly fee model but with a percent of the profits (typically 20-30%) going to the ransomware developer
3. One-time license fee with no profit sharing
4. Pure profit sharing
Your Security is our Priority
Your friendly Support Team
Speak to us about all your computer needs
This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.