@www.silentpush.com
A China-based eCrime group known as the Smishing Triad has expanded its operations, targeting users across more than 121 countries with sophisticated SMS phishing campaigns. Originally focused on impersonating toll road operators and shipping companies, the group has now pivoted to directly target customers of international financial institutions. This expansion is accompanied by a dramatic increase in their cybercrime infrastructure and support staff, signaling a significant escalation in their activities. The group's operations span a diverse range of industries, including postal, logistics, telecommunications, transportation, finance, retail, and public sectors.
The Smishing Triad's infrastructure is vast, utilizing over 8,800 unique IP addresses and stretching across more than 200 Autonomous System Numbers (ASNs). Recent data from server logs analyzed by Silent Push reveal that the group's infrastructure has been highly active, with over one million page visits logged in just 20 days. This suggests that the actual number of SMS phishing messages sent may be significantly higher than the previously estimated 100,000 per day. A large portion of the group's phishing sites are hosted by major Chinese companies, Tencent and Alibaba, indicating a strong connection to Chinese cyberspace.
The group's latest tactic involves the introduction of the "Lighthouse" phishing kit, unveiled on a Telegram channel by the developer identified as Wang Duo Yu. This kit targets numerous financial institutions, particularly in Australia and the broader Asia-Pacific region, as well as major Western financial institutions like PayPal, Mastercard, and HSBC. The Lighthouse kit boasts advanced features such as one-click setup, real-time synchronization, and mechanisms to bypass multiple layers of security like OTP, PIN, and 3DS verification, making it a formidable tool for stealing banking credentials. Smishing Triad boasts it has “300+ front desk staff worldwide” supporting the Lighthouse kit, and continues to sell its phishing kits to other threat actors via Telegram.
References:
- bsky.app: SilentPush has published a profile of Chinese cybercrime group Smishing Triad. The group is massive, with operations across 121 countries.
- krebsonsecurity.com: China-based SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google.
- cyberpress.org: A prevalent Chinese cybercrime group, dubbed Smishing Triad, has launched an extensive global cyberattack, targeting users in over 120 countries through sophisticated phishing campaigns.
- gbhackers.com: Smishing Triad, a Chinese eCrime group, has launched an extensive operation targeting users across more than 121 countries. This campaign, primarily focused on stealing banking credentials, has evolved to include diverse industries, from postal and logistics to finance and retail sectors.
- Cyber Security News: Chinese eCrime Group Launches Global Attack to Steal Banking Credentials from Users in 120+ Countries
- securityonline.info: Smishing Triad: eCrime Group Targets 121+ Countries with Advanced Smishing
Classification:
- HashTags: #Smishing #Phishing #Cybercrime
- Company: Silent Push
- Target: Banking Customers
- Attacker: Smishing Triad
- Product: SMS Phishing Kits
- Feature: SMS phishing
- Malware: Lighthouse
- Type: Phishing
- Severity: Major