Hackers are flocking to a new SMS spam tool - 'Xeon Sender' exploits cloud APIs and exposed credentials to supercharge phishing campaigns

Hackers are flocking to a new SMS spam tool - 'Xeon Sender' exploits cloud APIs and exposed credentials to supercharge phishing campaigns

Briefly

Xeon Sender is a cloud-based phishing tool that allows attackers to send spam messages using legitimate APIs from nine different SaaS providers, simplifying large-scale attacks.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-flocking-to-a-new-sms-spam-tool-xeon-sender-exploits-cloud-apis-and-exposed-credentials-to-supercharge-phishing-campaigns

Attackers leveraging Xeon Sender must possess API keys for targeted services, making the acquisition of these credentials a challenge. This may lead to attackers seeking already compromised accounts.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-flocking-to-a-new-sms-spam-tool-xeon-sender-exploits-cloud-apis-and-exposed-credentials-to-supercharge-phishing-campaigns

Sentinel Labs described Xeon Sender as lacking the sophistication required for high-level spam campaigns, pointing out its unclear API calls and other usability issues that diminish its effectiveness.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-flocking-to-a-new-sms-spam-tool-xeon-sender-exploits-cloud-apis-and-exposed-credentials-to-supercharge-phishing-campaigns

Although Xeon Sender can facilitate mass spamming, its limitations likely prevent professional spammers from adopting it widely. The tool appears more suited for entry-level hackers.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-flocking-to-a-new-sms-spam-tool-xeon-sender-exploits-cloud-apis-and-exposed-credentials-to-supercharge-phishing-campaigns