Infosecurity Magazine
CloudZ Malware Abuses Phone Link to Steal SMS OTPs
ATT&CK techniques detected
T1556.006 Multi-Factor Authentication
70%
“system startup under the system account. CloudZ itself is a .NET executable obfuscated with ConfuserEx and compiled in mid-January 2026. Talos observed multiple anti-analysis layers, including timing-based sleep checks, enumeration of security tools such as Wireshark, procm…”
T1566.002 Spearphishing Link
39%
“CloudZ Malware Abuses Phone Link to Steal SMS OTPs. A Windows malware toolkit has been observed stealing SMS messages and one-time passwords (OTPs) from victim machines by hijacking Microsoft's Phone Link application, sidestepping the need to directly compromise a target's…”
Summary
Cisco Talos uncovers CloudZ RAT and Pheno plugin abusing Microsoft Phone Link to intercept SMS OTPs