Cyble
-
Water Saci campaign in Brazil uses WhatsApp worm, HTA and Python to deliver banking trojan; RelayNFC Android malware also active
Researchers say the Water Saci group has adopted a layered HTA/PDF/WhatsApp Web worm and a Python-based propagation script to deliver an AutoIt-backed banking trojan in Brazil, while a separate RelayNFC Android threat targets contactless payments.
-
Over 4,300 Domains Used in Mass Phishing Campaign Targeting Hotel Guests
Researchers say a Russian-speaking threat actor registered more than 4,300 domains this year to run a large phishing campaign impersonating hotel booking services and harvesting payment data and credentials.
