- Zimperium researchers find a smishing campaign that takes advantage of carefully crafted PDF files
- The campaign impersonates the USPS
- The objective of the campaign is to steal login credentials
Business messaging accounts may be under the watchful eye of various security solutions, but mobile devices do not enjoy the same level of protection, experts have warned, as criminals design advanced mobile phishing attacks to steal valuable login credentials.
Zimperium cybersecurity researchers recently discovered a new campaign using a unique, obscure technique: the attackers first build a PDF file imitating the United States Postal Service (USPS). The file structure is quite complex, the researchers said, because it has a header, a body, a cross-reference table and a trailer. The link, which leads to a malicious landing page, is embedded without using the standard /URI tag, which makes detection and forensics a little more difficult.
What sets the attack apart is the URL, which is delivered through an embedded XObject. This allows the crooks to turn it into a clickable button.
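A detection heuristic for the evasion described above, as an added example that is not Zimperium's code: it compares the URLs declared through /URI actions with every URL found in the raw file and in its Flate-decoded streams, and reports the ones that were never declared. The regexes are simplified (literal-string /URI values only), and the sample PDFs and `.example` hosts are constructed placeholders.

```python
import re
import zlib

# Simplified patterns: literal-string /URI actions only, no hex strings or object streams.
URL_RE = re.compile(rb"(?:https?://|www\.)[\w.\-]+(?:/[^\s()<>\[\]]*)?", re.I)
URI_ACTION_RE = re.compile(rb"/URI\s*\(([^)]*)\)")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)

def decoded_streams(pdf: bytes):
    """Yield each stream body, Flate-decoded when possible, raw otherwise."""
    for match in STREAM_RE.finditer(pdf):
        raw = match.group(1)
        try:
            # decompressobj tolerates a trailing byte lost to the regex boundary
            yield zlib.decompressobj().decompress(raw)
        except zlib.error:
            yield raw

def hidden_urls(pdf: bytes) -> list:
    """Return URLs present in the file or its streams but not declared via /URI."""
    declared = {uri.strip() for uri in URI_ACTION_RE.findall(pdf)}
    found = set(URL_RE.findall(pdf))
    for body in decoded_streams(pdf):
        found.update(URL_RE.findall(body))
    return sorted(found - declared)

def make_pdf(objects: list) -> bytes:
    """Assemble a constructed, minimal PDF-like byte string (header, body, trailer)."""
    body = b"".join(b"%d 0 obj\n%s\nendobj\n" % (i + 1, o) for i, o in enumerate(objects))
    return b"%PDF-1.7\n" + body + b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"

# Constructed samples; the .example hosts are placeholders, not campaign indicators.
content = zlib.compress(b"BT /F1 12 Tf (https://parcel.example/track) Tj ET")
SUSPICIOUS = make_pdf([
    b"<< /Type /Catalog >>",
    b"<< /Type /XObject /Subtype /Form /Filter /FlateDecode /Length %d >>\nstream\n%s\nendstream"
    % (len(content), content),
])
BENIGN = make_pdf([
    b"<< /Type /Catalog >>",
    b"<< /Type /Annot /Subtype /Link /A << /S /URI /URI (https://www.example.com/help) >> >>",
])

if __name__ == "__main__":
    for name, sample in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, hidden_urls(sample))
```

A non-empty result is a triage signal rather than a verdict, since legitimate PDFs also carry undeclared URLs in metadata or body text.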
SMS messages and PDF files
The attack begins with an SMS message instead of an email. In this way, threat actors are able to bypass all configured email security protections, but the approach also presents two unique challenges: first, they need to know the telephone numbers of their victims, and second, sending bulk SMS messages is not as cheap, easy or private as sending emails.
In the SMS message, the attackers pretend to be the USPS and, in usual fashion, warn the victims about a package. They share the link to the PDF, which then leads to a malicious landing page, where the victims end up sharing their login credentials. This information is ultimately encrypted and relayed to the C2 server belonging to the attacker.
This campaign highlights the fact that phishing attacks can occur anywhere, not just in emails, and that companies must extend their training sessions to cover almost all the communication platforms used today.