Attackers Hijack Craigslist Emails to Bypass Security, Deliver MalwareOriginal article: https://threatpost.com/attackers-hijack-craigslist-email-malware/1757...
Click Here:- https://www.youtube.com/watch?v=rM8SZ-SjCZEfeature=youtu.be
Musical instruments, motorcycle parts and now malware — Craigslist really does have it all.
The Craigslist internal email system was hijacked by attackers this month to deliver convincing messages, ultimately aimed at avoiding Microsoft Office security controls in order to deliver malware.
Sent from an authentic Craigslist IP address, the emails informed users that one of their published ads included inappropriate content and violated Craigslist‘s terms and conditions, giving false instructions on how to avoid having their accounts deleted.
Researchers at INKY discovered that the attackers manipulated the email’s HTML into a customized document with a malware-download link uploaded to a Microsoft OneDrive page. That page impersonated major brands like DocuSign, Norton and Microsoft.
That also allowed the campaign to slip past standard email authentication.
“Since the URL to resolve the issue hosted a customized document placed on Microsoft OneDrive, it did not appear on any threat intelligence feed, allowing it to slip past most security vendors,” the researchers noted in a posting this week.
