Silent Push

The phishing campaign for Google Ads accounts continues with a new twist: targeting Semrush customers. This is likely an effort from the criminal group to circumvent detection for directly attacking the Google Ads brand. Instead, by buying ads for Semrush (a SaaS platform used for SEO, advertising and market research etc.) they are still reaching their goal, and may in fact capture fewer, but more valuable accounts. I did the research with the modest SEO expert Elie Berreby, who provided some key insights into Google Analytics, Search Console and Semrush. These ecosystems are all interconnected and highlight the impact of fraud after account compromise. The Silent Push platform was helpful early in the investigation to identify additional domains using the same template which we eventually saw through malicious ads. Link to the blog post in the comments.

Shoutout to Malwarebytes for the mention in their latest blog on the Semrush impersonation scam! ???♂? We're thrilled our platform could help uncover key infrastructure in this campaign. Cybercriminals are getting more creative in targeting online marketing tools, and this deep dive exposes how they’re using Google Ads for phishing attacks. #cybersecurity #semrush #malwarebytes #phishing #GoogleAds

?? Fake Captcha and #ClickFix scams are evolving their tactics. Now, alongside the usual fake #Zoom and Booking pages, we're spotting campaigns impersonating #GoogleMeet. Stay cautious?– never paste code from untrusted sites. #phishing #CTI #threatintel #cybersecurity #cyberattack

??? Quick tip for hunting Lumma Stealer domains by checking WHOIS Records in Silent Push Lumma actors often create C2 domains in (likely automated) batches, which means you’ll find clusters of domains with extremely similar registration times. This is a key pattern you can use to your advantage when hunting for these domains. ?? Use a Silent Push WHOIS search to quickly identify these clusters and uncover potential threats. ?? Oh, and you can do this using our FREE Community Edition. Register today and start detecting IOFAs: https://hubs.ly/Q03cwb660 #indicatorsoffutureattack #IOFAs #lummastealer #C2 #cyberattack #cybersecurity

??? STOP brand impersonation attacks with complete subdomain discovery A multi-national media organization faced a serious threat –?attackers spoofing the Okta IAM platform via subdomains. With thousands of subdomains in use, their security team needed full visibility to protect their infrastructure. Silent Push’s DNS and web content scanning engine provided a complete discovery of their associated threat infrastructure, uncovering vulnerabilities before attackers could exploit them. ?? Want to safeguard your digital footprint? Learn how: https://hubs.ly/Q03cg4r60 #subdomain #cyberattack #cybersecurity #CTI

In 2024, the volume and complexity of cyber threats escalated. Outsmart malicious adversaries proactively uncovering hidden infrastructure before it's used. Stop a cyber attack and those in the works.

How does your organization stay up to date with emerging threats while maintaining operational efficiency? Check out our Foundation for Early Detection Framework, which highlights how we deliver preemptive intelligence by proactively executing the three key stages of raw data collection, information analysis and content analysis. The end result? Indicators of Future Attack (IOFAs) - real time, accurate and actionable indications of attacker behavior and intent that are neatly packaged and delivered right to your security team’s doorstep. Join us on our journey to move away from outdated threat intelligence and towards actionable, preemptive solutions - register for our free Community Edition below ?? https://hubs.ly/Q03bl-ng0 #IOC #IOFA #silentpush #CTI #cybersecurity

Is your team ready for the evolving landscape of cybersecurity? Preemptive threat intelligence with Indicators of Future Attack (IOFAs) is driving real change – exposing millions of instances of unknown adversary infrastructure set up for an attack. ?? Start revealing hidden adversary infrastructure today: https://hubs.ly/Q03bm2N_0 #IOFAs #cybersecurity #CTI #threatintelligence #preemptive

Missed our recent threat report? ?? Lumma Stealer malware thrives as Silent Push uncovers unique patterns in the infostealer's domain clusters. Read: https://hubs.ly/Q03blXcV0 Are your credentials at risk? Infostealer networks are expanding, with stolen logins surfacing across hacking forums. At the same time, malware is spreading through YouTube links, making security awareness more critical than ever. Stay proactive with Indicators of Future Attack (IOFAs). #lummastealer #C2 #malware #cyberincident #threatintelligence #cybersecurity

Dark Web Scanning with Silent Push free Community Edition: https://hubs.ly/Q03b58py0 Confident in your threat intelligence? You might be missing something. ???♂? In this blog, learn how to uncover hidden threats by linking dark web activity with public-facing activity?– BEFORE it becomes a problem. Register for our free Community Edition to follow along: https://hubs.ly/Q03b4_Jw0 #darkweb #darknet #threatintelligence #CTI #IOFA #cybersecurity #threatanalyst