CySecurity News – Latest Information Security and Hacking Incidents
Security researchers at CloudSEK, a digital risk protection firm have witnessed a significant surge in the usage of reverse tunnel services and URL shorteners in conjunction with wide-scale phishing campaigns.
The methodology employed by attackers is different from the more typical modus operandi of registering domains with hosting providers, who are more likely to react to complaints and shut down the malicious sites.
The reverse tunnel services assist threat actors in hosting phishing pages locally using their devices and route connections via the external service. Additionally, they can develop new URLs through the URL shortening services as many times as required to bypass security detection. Many of the phishing URLs are updated in less than 24 hours, making it more difficult for researchers to spot and take down malicious domains.
As reported by BleepingComputer, researchers have identified more than 500 sites hosted and distributed using a combination of reverse tunneling and URL shortening. Ngrok, LocalhostRun, and Argo were the most commonly abused reverse tunnel services, wh
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: