14 DAY TRIAL // Cybercriminals have compromised the website of an India-based software company and they’re abusing it to host phishing pages and other malicious elements.
According to Bitdefender researchers, the attackers launched a spam campaign that leverages the name and reputation of HSBC and other financial institutions. The links from the bogus notifications lead to a phishing page hosted on the compromised site.
Here, victims are asked to hand over their account credentials.
In addition to the phishing page, the hijacked website also hosts a couple of encrypted JavaScript files, detected as Trojan.Iframe.RW and Trojan.JS.QJD. The threats are designed to inject iFrames into the website to redirect visitors to adware.
“JavaScript Trojans are mainly embedded in legitimate but poorly-crafted websites. Trojan.Iframe may be injected in a legal web page to download further malware and to be used for future cyber-attacks,” Bitdefender’s Bianca Stanescu noted.