Cybercriminals target UAE residents, visitors in new info-stealing campaign

A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research.
The cybercriminals - called the Smishing Triad gang - sent malicious text messages purportedly from UAE authorities, luring victims into providing data such as home addresses, phone numbers, and credit card information.
The messages, targeting both Apple iOS and Google Android mobile devices, contained a link to a fake website that looked almost identical to the one of the UAE state agency responsible for residency and foreign affairs, according to researchers at Resecurity.
Before launching the attacks, the hackers likely obtained information about UAE residents and foreigners living in or visiting the country through third-party data breaches, business email compromises or databases purchased on the dark web, researchers said.
To make their targeting more precise, the hackers used geolocation filters.
This ensured that the phishing website would only appear when accessed from UAE IP addresses and mobile devices.
In their previous campaigns, Smishing Triad hackers posed as U.S., U.K., and European postal providers.
The criminals sent malicious links to victims through SMS or iMessage, and used URL-shortening services like bit.
The researchers didn't attribute this campaign to a specific country but said that one of the hackers' critical domain names was registered via a China-based organization.
Resecurity said it notified UAE law enforcement and cybersecurity agencies about the campaign.
Just last week, the UAE was targeted by a different kind of attack coming from politically motivated hackers.
They replaced the original TV broadcast with graphic footage from the war between Israel and Hamas.
Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine.
She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia.
She previously was a tech reporter for Forbes Ukraine.
Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


This Cyber News was published on therecord.media. Publication date: Wed, 20 Dec 2023 15:20:09 +0000


Cyber News related to Cybercriminals target UAE residents, visitors in new info-stealing campaign

Cybercriminals target UAE residents, visitors in new info-stealing campaign - A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research. The cybercriminals - called the ...
10 months ago Therecord.media
AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
1 month ago Feeds.dzone.com
UAE Cybersecurity Official Warns of VPN Abuse - The top cyber official in the United Arab Emirates worries that virtual private networks are being misused in the country. UAE residents increased their downloads of VPN apps by 1.83 million in 2023, reaching a total of 6.1 million, according to the ...
9 months ago Darkreading.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
7 months ago Cisa.gov
Smishing Triad Targets UAE Residents in Identity Theft Campaign - Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. Operating through malicious SMS messages that claim to be ...
10 months ago Infosecurity-magazine.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
7 months ago Cisa.gov
UAE Banks on AI to Boost Cybersecurity - For the United Arab Emirates, an aggressive push for a more digitized economy attracted plenty of interest and subsequent investment - but also made it a prime candidate for relentless cyberattacks. With nearly 50,000 cyberattacks reportedly thwarted ...
10 months ago Darkreading.com
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
11 months ago Cisa.gov
New Rhadamanthys stealer version enhances features, evasion - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
10 months ago Bleepingcomputer.com
Rhadamanthys Stealer malware evolves with more powerful features - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
10 months ago Bleepingcomputer.com
CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
7 years ago
SMS Phishing Messages Targets UAE Citizens, Visitors - A malicious SMS campaign that harvests personal information and credit card details is targeting citizens and visitors to the United Arab Emirates. The text-based campaign, run by the so-called Smishing Triad Gang, impersonates the United Arab ...
10 months ago Darkreading.com
Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
8 months ago Darkreading.com
Cybercriminals expand targeting of Iranian bank customers with known mobile malware - Researchers have uncovered more than 200 fake mobile apps that mimic major Iranian banks to steal information from their customers. The campaign was first discovered in July of this year, but since then, the cybercriminals have expanded their ...
11 months ago Therecord.media
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
UAE, Saudi Arabia Become Plum Cyberattack Targets - Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web. With the UAE and Saudi Arabia increasingly invested in digitization, AI development, and ...
1 month ago Darkreading.com
Nearly 3 million affected by ransomware attack on medical software firm - Millions of people across the U.S. had their information exposed following a ransomware attack on a company that provides software to hospitals and emergency medical services. The data theft occurred before the gang attempted to encrypt the ...
10 months ago Therecord.media
Ransomware Attacks Strike South Africa, Decline in UAE - Cybercrime - and especially ransomware - traditionally have had an uneven impact across the Middle East and Africa, yet recent data suggests that ongoing geopolitical conflicts will likely raise the overall level of cyberattacks across the regions. ...
11 months ago Darkreading.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)