Stay updated on the latest developments of the Chrome Web Store incident involving Cyberhaven's compromised extension. Follow live updates, detailed analysis, impacted extensions, and expert recommendations for safeguarding your organization against similar attacks
“SubdoMailing” — Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions of Malicious Emails
Guardio Labs uncovers a sprawling campaign of subdomain hijacking, compromising already over 8,000 domains from esteemed brands and institutions, including MSN, VMware, McAfee, The Economist, Cornell University, CBS, Marvel, eBay and others. This malicious activity, dubbed “SubdoMailing”, leverages the trust associated with these domains to circulate spam and malicious phishing emails by the Millions each day, cunningly using their credibility and stolen resources to slip past security measures. In our detailed analysis, we disclose how we detected this extensive subdomain hijacking effort, its mechanisms, its unprecedented scale and the main threat actor behind it. Furthermore, we developedthe “SubdoMailing” checker — a website designed to empower domain owners to reclaim control over their compromised assets and shield themselves against such pervasive threats. This report not only sheds light on the magnitude of the issue but also serves as a call to action for enhancing domain security against future exploits.
An “unauthorized party” hijacked the cell phone number of the person running the SEC’s X account before taking over the social media feed and posting messages. In a statement on Monday, an SEC spokesperson explained that two days after the January 9 account takeover, the government agency spoke to its telecom carrier and discovered that someone “obtained control of the SEC cell phone number associated with the account in an apparent ‘SIM swap’ attack.”
