Cybercriminals Leveraging CapCut Popularity to Harvest Apple ID Credentials & Credit Card Data

Cybercriminals have begun exploiting the widespread popularity of CapCut, the dominant short-form video editing application, to orchestrate sophisticated phishing campaigns targeting Apple ID credentials and credit card information. This emerging threat demonstrates how attackers strategically leverage trending applications to enhance the credibility of their malicious schemes, creating convincing lures that deceive unsuspecting users into surrendering sensitive personal and financial data.

The attack campaign employs meticulously crafted fake CapCut subscription invoices distributed via email, presenting recipients with fraudulent billing notifications for CapCut Pro subscriptions priced at $49.99 per month. These deceptive communications incorporate official CapCut branding and Apple Store references, creating an authentic appearance that instills trust in potential victims. The researchers noted that threat actors have implemented advanced social engineering tactics, combining urgency-driven messaging with financial incentives to manipulate victims into compliance.

This domain, completely unrelated to legitimate Apple services, presents an authentic-looking interface that mimics official Apple branding and design elements. Upon credential submission, the malicious site executes an HTTP POST request to the command-and-control server at IP address 104[.]21[.]33[.]45, transmitting stolen Apple ID credentials in plaintext format.

The attack then transitions to its second phase, presenting victims with a fake “Apple Pay Refund” interface requesting credit card details under the pretext of processing the subscription refund. This final component serves to delay victim suspicion and prevent immediate incident reporting, allowing attackers additional time to exploit harvested credentials before detection.

Tushar is a cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in cyber security, he is covering cyber security news, technology and other news.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 27 Jun 2025 13:25:11 +0000

