TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Bleeping Computer

Hackers abuse Google ads for GoDaddy ManageWP login phishing

Bill Toulas · 1 hour ago · Read original ↗

ATT&CK techniques detected

5 predictions
T1566.002Spearphishing Link
98%
“hackers abuse google ads for godaddy managewp login phishing a phishing campaign delivered through google sponsored search results is targeting credentials for managewp, godaddy ’ s platform for managing fleets of wordpress websites. the threat actor is using an adversary - in - …”
T1566.002Spearphishing Link
94%
“common phishing pages that capture username and password pairs, the campaign uses a live aitm setup, as the attacker uses the credentials to log into the platform in real - time. the victim is then served a fake prompt to enter the two - factor authentication ( 2fa ) code, which …”
T1588.006Vulnerabilities
53%
“illegal activity, includes an educational / research use disclaimer, and prohibits public leaks of panel files or use against russia - based systems. guardio labs has captured victim data from the attackers and started to contact victims to alert them about the exposure. the rese…”
T1557Adversary-in-the-Middle
37%
“hackers abuse google ads for godaddy managewp login phishing a phishing campaign delivered through google sponsored search results is targeting credentials for managewp, godaddy ’ s platform for managing fleets of wordpress websites. the threat actor is using an adversary - in - …”
T1111Multi-Factor Authentication Interception
32%
“hackers abuse google ads for godaddy managewp login phishing a phishing campaign delivered through google sponsored search results is targeting credentials for managewp, godaddy ’ s platform for managing fleets of wordpress websites. the threat actor is using an adversary - in - …”

Summary

A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy's platform for managing fleets of WordPress websites. [...]