Threats Tagged 'phishing campaigns'
View all threats tagged with 'phishing campaigns'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'phishing campaigns'
Click on any threat for detailed analysis and mitigation recommendations
Defending the Digital Pitch: World Cup 2026 Cyber Threats 0 The 2026 FIFA World Cup creates a large attack surface across three countries and multiple sectors, attracting diverse cyber threats. Attackers have initiated phishing campaigns, fraudulent ticket sales, and brand impersonation targeting governments, sponsors, broadcasters, transportation, and telecom companies. Financially motivated actors focus on credential theft and payment fraud. Hacktivist and state-aligned groups, including pro-Iranian actors, may conduct DDoS attacks, website defacements, and espionage amid geopolitical tensions. Ransomware groups threaten organizations dependent on continuous service availability. Thousands of FIFA-themed domains have been registered, many linked to fraud. The overall threat level is medium, reflecting the broad but varied nature of these campaigns. Join the discussion | AlienVault OTX General | 06/11/2026, 21:09:40 UTC Added: 06/15/2026, 19:15:22 UTC |
A stealthy RAT burrowing deep into Android devices 0 BTMOB is an Android remote access trojan that evolved from SpySolr malware and poses significant threats beyond traditional banking trojans. The malware combines phishing-led delivery with an APK builder interface that enables rapid payload generation without coding skills. Distributed through fake app stores impersonating streaming services, cryptocurrency platforms, and government agencies, BTMOB abuses Android Accessibility Services to gain elevated permissions. Marketed as malware-as-a-service with a reported $5,000 lifetime license, it provides adversaries with capabilities to exfiltrate sensitive data, capture screenshots, record device activity, and establish remote control. The tool's customizable phishing lures have been adapted for specific regions, including campaigns impersonating Argentine tax authorities, making it a rapidly evolving threat with global reach. Join the discussion | AlienVault OTX General | 05/31/2026, 23:32:45 UTC Added: 06/01/2026, 08:48:35 UTC |
FormBook Malware Uses Phishing, DLL Side-Loading, JavaScript 0 Two distinct phishing campaigns have been identified targeting companies in Greece, Spain, Slovenia, Bosnia and Central American countries to deliver FormBook data-stealing malware. The first campaign uses RAR attachments containing legitimate executables like Sandboxie ImBox.exe, TikTok desktop, Adobe PDF Preview Handler, and XZ Utils, exploiting DLL side-loading with malicious DLL files. The second campaign deploys heavily obfuscated JavaScript that drops encrypted PNG files, uses PowerShell with Base64 encoding, and leverages a custom .NET loader called Mandark to inject the payload into RegAsm process. Both campaigns deliver the same FormBook executable that employs advanced evasion by manually mapping ntdll.dll in memory to bypass user-mode monitoring and perform direct syscalls, enabling credential theft and data collection from browsers while avoiding detection mechanisms. Join the discussion | AlienVault OTX General | 04/22/2026, 12:43:19 UTC Added: 04/22/2026, 15:31:05 UTC |
Showing 1 to 3 of 3 results