Craigslist Email System Breach Leads to Infected Microsoft OneDrive Document - WinBuzzer

DOWNLOAD LINK GATHER AT THE END OF THIS CONTENT
Cybersecurity Lock Notebook Keyboard via Pixabay

Craigslist may be the place people head to buy second-hand goods, but it also now being used by threat actors to bypass Microsoft Office security. Security researchers for INKY found[1] Craigslist’s internal email network was breached in a targeted attack aimed at Microsoft OneDrive users.

It seems the email system was used to send legitimate looking message. In fact, the messages come from a real Craigslist IP, making them seem authentic. In the emails, users are told that an add they placed on the platform is in violation of terms and conditions.

Accompanying the warning are instructions for the user to avoid their account being removed. One problem is the instructions and the whole email are fake.

Advertisement

References

  1. ^ researchers for INKY found (www.inky.com)
  2. ^ Windows 10 Disk Cleanup in extended mode (winbuzzer.com)

Total