Security resarchers discovered a phishing campaign primarily based in the US which is targeting the credit card data and other personal information of Netflix users.
The campaign mimics real Netflix web pages in order to trick unsuspecting users into handing over their personal information and multiple “evasion techniques” have been used by the attackers to avoid detection by phishing filters.
For example, the phishing pages are hosted on legitimate but compromised web servers and were not displayed to users from certain IP addresses where the DNS resolved to companies such as Google or PhishTank.
Writing on the FireEye blog, advanced malware researcher Mohammed Mohsin Dalla explains how the attack starts with an email notification asking users to update their account membership and includes a link directing recipients to a fake Netflix login page.
“Upon submitting their credentials, victims are then directed to webpages requesting additional membership details and payment information,” he says. “These websites also attempt to mimic authentic Netflix webpages and appear legitimate. Once the user has entered their information, they are taken to the legitimate Netflix homepage.”
The campaign also uses AES encryption (Advanced Encryption Standard) to encode the content presented at the client’s side, leveraging code obfuscation to help evade text-based detection by preventing inspection of the webpage content.
“The PHP file is used to encrypt the webpages at the server side,” Dalla explains. “At the client side, the encrypted content is decoded using a defined function in the JavaScript file. Finally, the webpage is rendered using the ‘document.write’ function.”
Netflix finally completed an eight-year cloud migration project to AWS at the beginning of last year, shutting down its last data centre, but was also slammed by Greenpeace earlier this week for falling short on renewable energy commitments.
Quiz: What do you know about the past year in the world of tech?
Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…
Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…
OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…
New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…
US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…
Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…
