Cybersecurity researchers from Resecurity have reported a new series of attacks by Chinese-speaking cybercriminals known as the “Smishing Triad.” These hackers are pretending to be state departments of the United Arab Emirates and sending harmful SMS messages to collect confidential information from both locals and visiting foreigners.
According to experts, the cybercriminals are using URL shortening services like Bit.ly to mask the real domain and location of their fake websites. This tactic helps the hackers avoid detection and keep their malicious activities hidden.
The “Smishing Triad” was first identified in September of this year. The group is actively exploiting iCloud hacking records to send fraudulent messages, which allows them to successfully steal personal data and carry out financial fraud.
In addition to their own attacks, the cybercriminals are also offering pre-packaged SMS-malware sets for $200 per month to other attackers. They are also targeting MageCart e-commerce platforms by injecting malicious code to steal customer data.
Resecurity researchers have noted that the tools and services used by these attackers can be sold through the FAAS (Fraud-as-a-Service) model. This underground market allows cybercriminals to rent or purchase everything they need for their malicious operations, including viruses, phishing kits, stolen data, and DDOS attack services.