Security researchers from EclecticIQ, supported by additional findings from Silent Push, have uncovered a methodical approach to domain registration that enables cybersecurity professionals to proactively identify and track new attack infrastructure. “Luna Moth’s choice of victims shows a deliberate focus on high-trust service sectors, especially legal, financial, and insurance firms, where sensitive data is widespread and closely tied to both reputation and regulatory compliance,” notes the EclecticIQ report. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The group has evolved beyond traditional phishing techniques that rely on malicious attachments or links, instead employing telephone-oriented attack delivery (TOAD) methods that begin with seemingly benign emails directing recipients to call fake helpdesk numbers. These chatbots engage victims in real-time, guiding them toward installing remote monitoring and management (RMM) tools like AnyDesk, TeamViewer, and ScreenConnect-all legitimate software that grants attackers hands-on keyboard access without deploying malware. Building on EclecticIQ’s research, security firm Silent Push has developed a methodology to identify newly created Luna Moth domains. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. Organizations should also regularly monitor for new domain registrations that may target their brand using the methodology outlined by security researchers. A sophisticated new strain of malware dubbed "Chimera" has emerged in 2025, representing a significant evolution in cyber threats. She is covering various cyber security incidents happening in the Cyber Space.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 05 May 2025 09:40:02 +0000