Scammers Impersonate Authorities to Swipe OTPs with Remote Access Apps

Latest News on Government Impersonation Scams, Remote Access Tool Fraud in the Middle East, and OTP Theft via Remote Access Apps

Government Impersonation Scam

There is no specific recent news on government impersonation scams in the latest sources provided. However, the broader context of cyber threats and scams is covered in various articles:

  • General Cyber Threats: The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) issued sanctions against a Beijing-based cybersecurity company, Integrity Technology Group, Incorporated, for orchestrating several cyber attacks against U.S. victims, attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda) 4.
  • Ransomware Attacks: The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting information 2.

Remote Access Tools Fraud in the Middle East

Eagerbee Malware: New variants of the Eagerbee malware framework are targeting government organizations and ISPs in the Middle East. This malware exploits Microsoft Exchange ProxyLogon vulnerabilities (CVE-2021-26855) to gain initial access and uses DLL hijacking to load a backdoor into memory, enabling 24/7 operations. The malware's capabilities are enhanced by plugins, including file, process, service, network, and remote access managers 14.

OTP Theft via Remote Access Apps

RedLine Info-Stealer Campaign: An ongoing RedLine information-stealing campaign is targeting Russian businesses using pirated corporate software. The attackers disguise the malware as a tool to bypass licensing for business automation software, distributing it via Russian online forums 2.

PLAYFULGHOST Malware: A new malware family called PLAYFULGHOST has been identified, which includes capabilities such as keylogging, screen and audio capture, remote shell access, and file transfer/execution. This malware shares functional overlaps with a known remote administration tool referred to as Gh0st RAT 45.

Summary

  • Government Impersonation Scam: No specific recent news on government impersonation scams.
  • Remote Access Tools Fraud in the Middle East: The Eagerbee malware framework is targeting government organizations and ISPs in the Middle East.
  • OTP Theft via Remote Access Apps: The RedLine info-stealer campaign and the PLAYFULGHOST malware are examples of threats involving remote access apps and potential OTP theft.

These threats highlight the ongoing and evolving nature of cyber threats, emphasizing the need for continuous vigilance and robust security measures to mitigate risks.