SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

Tags

External References

• https://www.sentinelone.com/
• https://otx.alienvault.com/

Description

Xeon Sender is a Python script that enables threat actors to conduct SMS spam and smishing campaigns by leveraging legitimate APIs from nine different SaaS providers. It was first observed in 2022 and has been rebranded by various threat actors. The tool facilitates bulk SMS spam attacks, taking advantage of organizations with valid credentials and permissions for these services, enabling attacks without exploiting vulnerabilities. SMS spam and smishing are increasingly popular tactics executed through cloud and SaaS platforms.

Date