CyberSecurity news
info@thehackernews.com (The@The Hacker News
//
A new phishing-as-a-service (PhaaS) platform named 'Morphing Meerkat' is making waves in the cybersecurity world. Discovered by Infoblox Threat Intel, this platform leverages Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that mimic over 100 brands. This allows attackers to tailor their phishing attempts, making them more convincing and harder to detect, as the login pages dynamically adjust to match the victim's email service provider.
The Morphing Meerkat phishing kit has evolved over time, now capable of dynamically translating phishing content into over a dozen languages. It also incorporates sophisticated evasion techniques, such as exploiting open redirects on adtech infrastructure and using compromised WordPress websites. Security experts emphasize the need for robust DNS security measures to combat this evolving threat and protect against credential theft.
ImgSrc: blogger.googleu
References :
- The Hacker News: Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands.
- : A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel
- www.scworld.com: More than 100 brands' login pages have been spoofed by the newly emergent Morphing Meerkat phishing-as-a-service platform through the exploitation of Domain Name System mail exchange records, The Hacker News reports.
- Cyber Security News: Hackers Use DNS MX Records to Generate Fake Login Pages for Over 100+ Brands
- The DefendOps Diaries: Explore Morphing Meerkat, a sophisticated Phishing-as-a-Service threat using advanced evasion techniques to bypass cybersecurity defenses.
- www.techradar.com: This new phishing campaign can tailor its messages to target you with your favorite businesses
Classification:
- HashTags: #Phishing #PhaaS #DNS
- Company: Infoblox
- Target: Online users
- Attacker: Morphing Meerkat
- Product: DNS
- Feature: DNS MX Record exploitation
- Malware: Morphing Meerkat
- Type: Phishing
- Severity: Medium