SecuritySnack: 18+E-Crime
Essential information
- Published: 06/10/2025 11:06
- Modified: 06/10/2025 11:37
- Tags: 2025-10-06, android malware, credential-theft, lure websites, social engineering, spoofed domains, trojans, windows malware
- Related entities: 140 observables, 5 techniques (mitre), 16 others
Description
A financially motivated cybercrime operation has been identified, targeting users with over 80 spoofed domain names and lure websites. The campaign, which began in September 2024, focuses on government tax sites, consumer banking, age 18+ social media content, and Windows assistant applications. The actors use these domains to deliver Android and Windows trojans, likely for credential theft. The operation employs common techniques such as spoofed domains and lure websites, prioritizing scale and conversion rates over technical sophistication. The most common lures exploit curiosity and desire, making victims less likely to report infections. Users are advised to be cautious when encountering unfamiliar links or download prompts.