Source: www.proofpoint.com – Author:
Attacks exploiting Lovable have been observed across a quartet of campaigns, one of which was a widespread Tycoon phishing-as-a-service kit-powered operation involving emails with Lovable-hosted links redirecting to bogus Microsoft login pages that facilitated credential, multi-factor authentication token, and session cookie compromise, a report from Proofpoint showed. Threat actors have also harnessed Lovable-hosted phishing pages in a UPS-spoofing payment and data theft campaign and an Aave-impersonating cryptocurrency theft operation. On the other hand, multiple Lovable apps purporting to be invoice portals have been leveraged in another campaign that resulted in the delivery of the zgRAT trojan. While Lovable has moved to facilitate the real-time discovery of illicit sites, with plans to adopt more proactive measures to block nefarious accounts, Guardio Labs reported the creation of a malicious site without any warning from the platform.
Get essential knowledge and practical strategies to use AI to better your security program.
Related
Trojanized ScreenConnect deployed in widespread attack
SiliconANGLE reports that over 900 organizations across various sectors, most of which are in the U.S., have been subjected to attacks spreading a trojanized version of the ConnectWise ScreenConnect remote monitoring and management tool as part of an ongoing campaign.
Get daily email updates
SC Media’s daily must-read of the most current and pressing daily news
Original Post URL: https://www.proofpoint.com/us/newsroom/news/illicit-activity-powered-lovable-website-builder-abuse-rise
Category & Tags: –
Views: 2
