Hackers use Morse code to launch phishing attacks
According to a report by BleepingComputer, a threat actor started using Morse code last week to bypass mail gateways and filters by hiding malicious URLs.
The attack reported through a Reddit post starts with an email containing a HTML attachment that looks like a spreadsheet-type invoice.
BleepingComputer explained when viewed in a text editor, one can see that attachment includes JavaScript that maps letters and numbers. Different letters were mapped in separate codes.
The script and HTML attachment work together to create a fake spreadsheet that requires users to sign-in and enter their passwords again. Users are then directed to a site that collects the login credentials.
To make the login form look real, attackers are using logos for the recipient’s companies and Office365. The online portal has identified eleven companies that have fallen prey to this attack.
Once a user enters their password, the form will submit the password to a remote site where the attackers can collect the login credentials.
Morse Code is a way of representing letters of the alphabet, numerals, and punctuation marks by an arrangement of dots, dashes. It was typically used over radio communication systems.
An example of Morse code is shown below :-
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.