Pošta phishing via Viber
#1
I have been informed that phishing campaigns using the Pošta Srbije brand are still circulating on Viber. The domain vaxvjhjxd.cyou was purchased through a registrar in China (2022-07-25) and sits behind CloudFlare.

[Image: attachment.php?aid=428]


“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
#2
Another example:

[Image: attachment.php?aid=431]


#3
One of the links is w[.]circulationirritate[.]cn/1975fnFcdX9RRVhKe2lmAxNgdAl-LkAMUyIIXnEDP1wtDwkdUzYiPzgpPgFuQAE2TB4VCRFUEhhyGRZ5PAJLPg1GBEgLbzs&p=mnnzvb (source: https://twitter.com/jetmi787/status/1613279211938107397, archived: https://archive.ph/dSCJI). However, it appears to work only once. The page has prize questions, as in previous similar attacks (https://bezbedanbalkan.net/thread-299.html).

The page probably ends up leading, once again, to some SMS (VAS) scam or to a download of malicious code.

The source code has a Google Analytics script and HTML comments in Chinese.

Attached is the HTML of the page in BASE64 format, because antivirus products flag this page as SCAM.

[Image: attachment.php?aid=433]


Attachment: Posta_Viber_Phishing_Base64_HTML.txt (Size: 158.14 KB / Downloads: 115)
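Added example (not part of the original posts): one way to triage a Base64-wrapped HTML sample like the attachment above without rendering it, pulling out the Google Analytics IDs and the Chinese-language comments mentioned in post #3. The sample page, the function name `triage_base64_html` and the ID patterns are assumptions made for illustration.

```python
import base64
import re
from html.parser import HTMLParser

# Constructed sample standing in for the Base64 attachment (not the real page).
SAMPLE_HTML = """<html><head>
<!-- 页面标题 -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-EXAMPLE123"></script>
<script>gtag('config', 'G-EXAMPLE123'); ga('create', 'UA-0000000-1');</script>
</head><body><!-- layout --><a href="https://example.invalid/next">Next</a>
<form action="/submit"></form></body></html>"""
SAMPLE_B64 = base64.encodebytes(SAMPLE_HTML.encode("utf-8")).decode("ascii")

# Heuristic patterns (assumptions): classic UA-* and GA4 G-* property IDs.
GA_ID = re.compile(r"\b(?:UA-\d{4,10}-\d{1,4}|G-[A-Z0-9]{6,12})\b")
CJK = re.compile(r"[\u4e00-\u9fff]")  # CJK Unified Ideographs


class Triage(HTMLParser):
    """Collects comments and referenced URLs; nothing is rendered or executed."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.comments, self.urls = [], set()

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src", "action") and value:
                self.urls.add(value)

    def handle_comment(self, data):
        self.comments.append(data.strip())


def triage_base64_html(b64_text):
    # Strip line wrapping, then decode strictly so a corrupted sample fails loudly.
    raw = base64.b64decode("".join(b64_text.split()), validate=True)
    html = raw.decode("utf-8", errors="replace")
    parser = Triage()
    parser.feed(html)
    parser.close()
    return {
        "ga_ids": sorted(set(GA_ID.findall(html))),
        "cjk_comments": [c for c in parser.comments if CJK.search(c)],
        "urls": sorted(parser.urls),
    }


if __name__ == "__main__":
    for key, values in triage_base64_html(SAMPLE_B64).items():
        print(key, values)
```

A tracking ID recovered this way can be compared across samples from earlier campaigns to check whether they share an operator.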

