Phishing attacks represent one of the main security threats that can put our computers at risk. The goal of hackers is to launch a bait to steal passwords and credentials. In this article we echo how they use Morse code to hide a malicious URL. It is a new campaign that uses this peculiar technique to achieve its mission.
Morse code to launch Phishing attacks
It is a reality that cybercriminals constantly perfect their techniques to achieve their goal and infect a system, damage the operation of a computer, steal passwords … We have many security tools that can protect us, but the truth is that sometimes it is not enough .
Hackers use this Morse code-based technique to bypass the email provider’s security measures . This way they could hide malicious links and avoid filters.
According to the security researchers, this novel attack is not very different from other similar ones in terms of the message that the victims receive. It is an alleged false invoice dated February of this year 2021. It includes an HTML file whose name pretends to be an invoice in EXCEL of the company. For example, the file name would be: redeszone_factura_08_02_xlsx.HTML.
When they analyzed the attachment in a text editor, they could see that they include JavaScript that maps letters and numbers to Morse code. That script calls a function to decode the Morse code to a hexadecimal string. This string is decoded again and injected into the HTML file.
These scripts injected and combined with the HTML attachment contain different resources necessary to generate a fake EXCEL spreadsheet that is responsible for informing that the login time has expired and that the username and password must be reset.
Right at this moment the classic Phishing attack begins: the victim enters the key but it goes directly to a server controlled by the hackers. This is the way they use to steal your credentials and passwords.
Phishing attacks, increasingly present
It should be noted that this type of problem is very present today. Cybercriminals are perfecting their attacks every time, as we have mentioned. Phishing has progressed over time and continues to be one of the most used strategies to steal passwords.
Without a doubt, the best defense to avoid Phishing attacks is common sense . Avoid clicking on links that are not safe, do not download suspicious attachments, do not log in through third party links … All of this could help us to properly protect our privacy.
But it is also essential to have security programs . A good antivirus can detect malicious software and certain attacks that seek to infect our computer. As is keeping our team updated. Sometimes vulnerabilities emerge that can be exploited to attack. We always need to have the latest patches and thus properly correct those problems that may arise.