acm-header
Sign In

Communications of the ACM

Home/News/Phishing Attack Uses Morse Code to Hide Malicious.../Full Text
ACM TechNews

Phishing Attack Uses Morse Code to Hide Malicious URLs

By BleepingComputer
February 16, 2021
Comments
View as: Print Mobile App Share:
Morse Code Machine

Credit: Getty Images

BleepingComputer has identified a new targeted phishing campaign in which emails pretending to be company invoices use Morse code in an attachment to hide malicious URLs and bypass secure mail gateways and mail filters. The HTML attachment includes JavaScript that maps letters and numbers to Morse code.

A decodeMorse function is used to decode a Morse code string into a hexadecimal string, which is further decoded into JavaScript tags that are injected into the HTML page and, combined with the HTML attachment, are able to render a fake Excel spreadsheet. Users are informed that their sign-in timed out and prompted to reenter their password, after which the form submits the password to a remote site where their login credentials are collected by the attackers.

BleepingComputer found 11 companies targeted by the phishing attack and recommended that Windows file extensions be enabled to identify suspicious attachments more easily.

From BleepingComputer
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account