CyberSecurityBoard
Sponsor Register Login

Hackers Registered 10K Domains With Same Name for Smishing Attack Via iMessage

Cyber Security News learned that the registered domains follow a consistent pattern, with root domain names beginning with the string “com-.” This naming convention is intended to mislead victims during casual inspections of URLs, making the domains appear legitimate. These domains are designed to impersonate toll services and package delivery platforms across multiple U.S. states and one Canadian province, aiming to deceive victims into revealing sensitive personal and financial information. The smishing messages originate from email addresses or phone numbers and entice users to click malicious links or reply with sensitive information.

This Cyber News was published on cybersecuritynews.com. Publication date: Sat, 08 Mar 2025 06:05:20 +0000


Cyber News related to Hackers Registered 10K Domains With Same Name for Smishing Attack Via iMessage

Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains - The two main advantages of detecting stockpiled domains are expanding coverage of malicious domains and providing patient-zero detections as attackers stock up on domains for future use. As of July 2023, our detection pipeline has found 1,114,499 ...
1 year ago Unit42.paloaltonetworks.com
Hackers Registered 10K Domains With Same Name for Smishing Attack Via iMessage - Cyber Security News learned that the registered domains follow a consistent pattern, with root domain names beginning with the string “com-.” This naming convention is intended to mislead victims during casual inspections of URLs, making ...
1 week ago Cybersecuritynews.com
Smishing: SMS Phishing Attacks And How to Thwart Them - Smishing is a fast growing version of one of the most established and lucrative scams on the internet. Smishing, like other forms of phishing, aims to trick you into revealing sensitive data and information; however, instead of email, cybercriminals ...
1 year ago Cysecurity.news
InfectedSlurs Botnet Spreads Mirai via Zero-Days - The payload targets routers and network video recorder devices with default admin credentials and installs Mirai variants when successful. Until November 9, 2023, the vulnerable devices being targeted were unknown. Since both the name and the version ...
1 year ago Akamai.com
Cloudflare loses 22% of its domains in Freenom.tk shutdown - A staggering 12.6 million domains on TLDs controlled by Freenom have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites was spotted during our ...
1 year ago Netcraft.com
Apple Sets Trap to Catch iMessage Impersonators - Apple's latest iOS and macOS platform refresh came with a lot more than urgent security patches. The company activated a new feature called iMessage Contact Key Verification in another attempt to block impersonators and sophisticated threat actors ...
1 year ago Securityweek.com
Apple Sets Trap to Catch iMessage Impersonators - Apple's latest iOS and macOS platform refresh came with a lot more than urgent security patches. The company activated a new feature called iMessage Contact Key Verification in another attempt to block impersonators and sophisticated threat actors ...
1 year ago Packetstormsecurity.com
Cybercriminals target UAE residents, visitors in new info-stealing campaign - A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research. The cybercriminals - called the ...
1 year ago Therecord.media
Researchers Hunted Malicious Stockpiled Domains DNS Records - Malicious stockpiled domains are the collection of domain names that threat actors acquire in advance for several types of future malicious activities like:-. While all these domains are often kept unused initially to evade detection, and then later ...
1 year ago Cybersecuritynews.com
Imperva Client-Side Protection Mitigates the Polyfill Supply Chain Attack - The recent discovery of a website supply chain attack using the cdn. Polyfill.io domain has left many websites vulnerable to malicious code injection. Once a trusted resource for adding JavaScript polyfills to websites, the domain has recently become ...
8 months ago Imperva.com
Spooky action: Phantom domains create hijackable hyperlinks - Links to phantom domains don’t pose an inherent risk — so long as companies ensure they review websites for misspelled URLs and remove any placeholder links, hijacked hyperlinks are impossible. From an education standpoint, enterprises ...
5 months ago Securityintelligence.com
CVE-2020-25600 - An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs ...
2 years ago
Hunting for malicious domains with VT Intelligence ~ VirusTotal Blog - Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. Many cyberattacks begin by victims visiting compromised websites that host malware or phishing scams, threat actors use domains for ...
1 year ago Blog.virustotal.com
Detectify platform enhancements address growing attack surface complexity - Detectify announced a new Domains page and major improvements to existing capabilities for setting custom attack surface policies. These updates bring control over attack surface data and enable organizations to seamlessly configure alerts for policy ...
9 months ago Helpnetsecurity.com
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
2 years ago Trendmicro.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
Apple Smashes Ban Hammer on Beeper iMessage Users - Apple has taken to banning Beeper's Android users from iMessage entirely. Tim's crew still claims Beeper is a threat to user security, but nobody's buying that excuse. Cofounder Eric Migicovsky has all but given up Beeper's game of Whac-A-Mole. In ...
1 year ago Securityboulevard.com
AsyncRAT Loader Delivers Malware via JavaScript - For at least 11 months, this threat actor has been working on delivering the Remote Access Trojan through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat actor is persistent ...
1 year ago Cybersecurity-insiders.com
Epik, the Far-Right's Favorite Web Host, Has a Shadowy New Owner - A technology company that has been essential in keeping far-right and extremist websites online was acquired last year by a firm that operates an empire of shell companies across the United States, according to people familiar with the deal. Epik.com ...
1 year ago Wired.com
Smishing Triad Targets UAE Residents in Identity Theft Campaign - Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. Operating through malicious SMS messages that claim to be ...
1 year ago Infosecurity-magazine.com
Typosquatting Wave Shows No Signs of Abating - One of the most enduring of these exploits is the practice of typosquatting - i.e., using look-alike websites and domain names to lend legitimacy to social engineering efforts. These look-alikes prey on users' inattention to verifying legitimate ...
1 year ago Darkreading.com
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell - In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. The Spamdot admins went by the ...
1 year ago Krebsonsecurity.com
Sandworm Hackers Caused Another Blackout in Ukraine-During a Missile Strike - The notorious unit of Russia's GRU military intelligence agency known as Sandworm remains the only team of hackers to have ever triggered blackouts with their cyberattacks, turning off the lights for hundreds of thousands of Ukrainian civilians not ...
1 year ago Wired.com
650,000+ Malicious Domains Registered Resembling ChatGPT - Hackers abuse the ChatGPT name for malicious domains to exploit the credibility associated with the ChatGPT model, deceiving users into trusting fraudulent websites. Leveraging the model's reputation enables them to trick individuals into:-. This ...
1 year ago Gbhackers.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)