Today > | 2 Medium vulnerabilities   -   You can now download lists of IOCs here!

Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

June 12, 2024, 11:03 a.m.

Description

Resecurity has identified a new activity of a cybercrime group known as Smishing Triad, which has expanded its operations to Pakistan. The group is employing tactics involving sending malicious messages impersonating Pakistan Post to customers of mobile carriers via iMessage and SMS, with the goal of stealing their personal and financial information. The code and templates used by the attackers are consistent with previous instances of Smishing Triad activity targeting online banking, e-commerce, and payment systems customers in other regions.

Date

Published: June 12, 2024, 10:35 a.m.

Created: June 12, 2024, 10:35 a.m.

Modified: June 12, 2024, 11:03 a.m.

Indicators

http://ytfrt.top/id

http://pakpotech.top/id

http://pak-post.com/id

http://linkr.it/4bStpB

http://l.ead.me/bf6fB8

http://l.ead.me/BjsT

http://2h.ae/nwxP

http://2h.ae/cNRd

pk-post-goi.xyz

ep-gov-ppk.icu

ep-gov-ppk.cyou

ep-gov-pkw.cfd

correosytelegrafos-civ.icu

correos-es.cn

Attack Patterns

Smishing Triad

T1200

T1189

T1598

T1592

T1566

Additional Informations

Pakistan