These malicious actors are exploiting Gamma’s advanced capabilities to host phishing redirect pages directly on the legitimate domain, gamma.app, raising concerns about the misuse of AI-powered tools in cyberattacks. Cybercriminals are leveraging Gamma AI, a platform designed for creating presentations, websites, and documents, to build sophisticated and difficult-to-detect phishing page redirectors. By hosting the initial redirector on Gamma’s domain, attackers exploit the trust associated with the platform, making it harder for security vendors to identify and block these threats. The phishing scheme begins with a link hosted on Gamma’s domain (e.g., hxxps://gamma[.]app/docs/...). When clicked, users are redirected through a series of intermediary pages. The use of AI-powered platforms like Gamma in phishing campaigns highlights the evolving sophistication of cyber threats. Security systems often whitelist trusted domains like gamma.app, inadvertently allowing these malicious links to pass through undetected. This trend mirrors other recent phishing campaigns that have exploited services like Cloudflare R2, and YouTube attribution links to distribute malicious content. This approach ensures that only human victims reach the malicious pages while security tools remain blind to the attack chain. Once the CAPTCHA is solved, users are either directed to a genuine website like Wikipedia (in sandbox mode) or sent to a fully operational phishing page hosted on another system. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Gamma AI offers tools that allow users to create polished websites and presentations without coding skills.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 24 Mar 2025 13:20:04 +0000