Generaly, a new OTP bot setup, is capable of capturing OTPs, card CVVs, PIN codes, and recordings of the spoofed calls. The bot has a dedicated Telegram channel to capture and display information.
DragonForce has been actively targeting Indian entities under #OpsPatuk and #OpsIndia. This includes the breach of some sensitive government websites containing PII, military operations, and other government secrets.
An RCE vulnerability in Zimbra webmail servers is being actively exploited to target multiple organizations worldwide. The exploit was used to launch a spear phishing campaign against Europe.
CloudSEK discovered a threat actor group named SolidBit, offering RaaS (Ransomware-as-a-Service) on an underground forum. The group is actively looking for partners to gain access to companies’ private networks in order to spread its ransomware, also called SolidBit.
CloudSEK’s contextual AI digital risk platform XVigil discovered a post by the Mysterious Team announcing the use of the Raven Storm tool for DDoS attacks. The tool uses multi-threading to send multiple packets at the same time and take the target down.
We discovered a social engineering campaign launched by threat actors impersonating official employees of KSEB (Kerala State Electricity Board). The campaign was carried out via text messages that asked customers to contact a particular number for assistance with their electricity bill payment.
CloudSEK’s AI-powered Digital Risk Protection (DRP) Platform identified a Twitter account involved in a new type of phishing scam campaign in which the threat actor is misusing Zoho Forms to steal information from banking customers.