Threat actors are using Morse code – ‘the novel obfuscation technique’ for targeted phishing campaigns. This technique is known for the code language for Army and security services, by this technique, threat actors are able to hide the email attachment containing malicious URLs.
Hackers used the morse code in the phishing emails to bypass secure mail gateways and mail filters. Researchers discovered the strike on various samples of threat vector. Threat actors targeted the company by sending a malicious email posing to be an invoice for the company.
This mail looks like – “Revenue_payment_invoice February_Wednesday 02/03/2021” including the HTML attachment for the invoice as [company_name] _ invoice _ [number]._xlsx.html.
Threat actors are tricking users by using the logo-clearbit.com service to make the form look more convincing, in case the logo is not available then the logo of generic Office 365 is used. The other companies which have suffered due to this phishing attack are Dimensional, Metrohm, SBS, Nuovo IMAIE, ODDO BHF Asset Management, SGS, Dimensional, SBI (Mauritius) Ltd., Bridgestone, Cargeas, Equinti, Capital Four, and Dea Capital.
Morse code was invented by the American artist and inventor Samuel F.B. Morse during the 1830s for electrical telegraphy and further upgraded by American scientist and businessman Alfred Lewis Vail. It is a technique used in telecommunication to encode text characters by an arrangement of dots, dashes, and spaces.