Smishing Triad: China-Based Fraud Network Exposed
A Chinese-speaking cyber-criminal group named “Smishing Triad” has been observed conducting a large-scale smishing campaign targeting US citizens.
This campaign has skillfully impersonated various postal and delivery services, including Royal Mail (UK), New Zealand Postal Service, Correos (Spain), PostNord (Sweden), Poste Italiane, Italian Revenue Service, USPS, Poczta Polska (Poland), J&T Express (Indonesia) and New Zealand Post.
The group uses iMessage to send package-tracking text scams, aiming to collect personally identifying information (PII) and payment credentials for identity theft and credit card fraud.
According to a new advisory published by Resecurity on Wednesday, the Smishing Triad campaign differs from previous smishing attacks in that it exclusively uses iMessages sent from compromised Apple iCloud accounts as its primary delivery method, rather than traditional SMS or calls.
The smishing kits used by the group have been offered for sale in Telegram IM groups, creating a thriving fraud-as-a-service network. Resecurity obtained and reverse engineered one such kit, uncovering an SQL injection vulnerability in it. That flaw allowed Resecurity to retrieve data from over 108,000 victims so that they could be warned of potential identity theft.
Further investigation revealed that Smishing Triad collaborates with other cyber-criminals and offers cybercrime-as-a-service infrastructure. Their smishing kit subscriptions start at $200 per month, providing customers with activation codes and scripts for deployment, often using various frameworks.
The group has targeted multiple postal and delivery services worldwide. They have also attacked online shopping platforms by injecting malicious code to intercept customer data.
Smishing attacks continue to evolve, exploiting users’ trust in SMS and iMessage communication channels. In their advisory, Resecurity highlighted the need for consumer awareness and advised organizations to safeguard their customers better.
“It is complicated to disrupt cyber-criminal activity committed by actors located in foreign jurisdictions like China without proper regulatory harmonization and mutual legal assistance abroad,” reads the technical write-up.
“Resecurity is thus sharing information about the ‘Smishing Triad’ with the cybersecurity community and general public to raise awareness to help organizations better safeguard their customers.”