This analysis explores the Rockstar 2FA phishing-as-a-service kit, focusing on real-world email campaign examples. It highlights various techniques used by attackers, including the abuse of legitimate services for FUD (Fully Undetectable) links, such as Microsoft OneDrive, OneNote, Dynamics 365, Atlassian Confluence, and Google Docs Viewer. The use of QR codes in phishing attempts and the insertion of stolen email threads to inflate message size are also discussed. The article emphasizes the multi-stage nature of these attacks and the importance of caution when dealing with emails sent through trusted platforms. Author: AlienVault
Related Tags:
email campaigns
rockstar
T1550.001
T1534
T1566.002
T1204.001
T1078
T1566
AlienVault OTX
Associated Indicators:
FE581134D7AE4857A97443270A27E0FA
lifestylesyncteche.pro
lifestreamtechho.ru
recambioselecue.ru
urbanlifeinnolo.ru
vidy-cloudy.com.pl
synthchromal.ru
fruechtebox-expresszsnu.ru
luthschoenmode.nl