Unwrapping the AIZ—Aggressive Inventory Zombies—Retail & Crypto Phishing Network Campaign
Essential information
- Published
- 13/12/2024 13:21
- Modified
- 13/12/2024 13:31
- Tags
- 2024-12-13 e-commerce impersonation phishing retail
- Related entities
- 59 observables, 1 intrusion sets (apt), 8 techniques (mitre), 1 others
Description
A large-scale phishing campaign targeting retail brands and cryptocurrency users has been uncovered. The campaign, dubbed 'Aggressive Inventory Zombies' (AIZ), initially impersonated Etsy but expanded to target major retailers like Amazon, BestBuy, and eBay. The threat actor uses a popular website template to create phishing sites, integrating chat services for malicious activities. The campaign also targets crypto audiences with a substantial network of phishing sites. The research revealed financial ties to India and collaboration with Stark Industries led to the discovery of additional infrastructure. The campaign employs various tactics, including bulk pricing schemes and live chat widgets for phishing. Multiple cryptocurrency-related phishing efforts were also identified, targeting various crypto brands and exchanges.