(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
A new phishing campaign is using an old form of communication to hide malicious URLs in an email attachment.
Morse Code was a popular form of communication in the 1800s. It uses a code language in which each letter and number is encoded as a series of dots and dashes.
According to a report by online portal BleepingComputer , the threat actor started using Morse code last week to bypass mail gateways and filters by hiding malicious URLs.
While instances of such attack in the past could not be found, there were many samples uploaded to VirusTotal, a free service that analysis files and URLs for viruses, worms, trojans and other malicious content, since February 2.
The attack reported through a Reddit post starts with an email containing a HTML attachment that looks like a spreadsheet-type invoice.
BleepingComputer explained when viewed in a text editor, one can see that attachment includes JavaScript that maps letters and numbers. Different letters were mapped in separate codes.
The script and HTML attachment work together to create a fake spreadsheet that requires users to sign-in and enter their passwords again. Users are then directed to a site that collects the login credentials.
To make the login form look real, attackers are using logos for the recipient’s companies and Office365. The online portal has identified eleven companies that have fallen prey to this attack.
