#contact-form-phishing
#contact-form-phishing

[ follow ]

ZipLine phishing campaign exploits trust in contact forms

ZipLine exploits website contact forms to initiate multi-week phishing, delivering MixShell malware in a malicious confidentiality document that uses DNS tunneling.

fromTheregister

2 days ago

ZipLine cyber attack uses White House butler pic

Instead of emailing a malicious link in an unsolicited email, the miscreants initiate contact through the organization's public Contact Us form, tricking the victim into starting the conversation and allowing the attackers to bypass email filters, according to Check Point Research, which uncovered the phishing campaign and dubbed it ZipLine. The attackers followed up via email with a series questions stretched over weeks and a meeting request before finally delivering a ZIP archive that ultimately deploys MixShell, a custom, in-memory implant.

Information security

[ Load more ]

#contact-form-phishing#contact-form-phishing

ZipLine phishing campaign exploits trust in contact forms

ZipLine cyber attack uses White House butler pic

#contact-form-phishing
#contact-form-phishing