Over a thousand online shops hacked to show fake product listings

submitted by
Style Pass
2024-10-31 15:00:15

A phishing campaign dubbed 'Phish n' Ships' has been underway since at least 2019, infecting over a thousand legitimate online stores to promote fake product listings for hard-to-find items.

Unsuspecting users clicking on those products are redirected to a network of hundreds of fake web stores that steal their personal details and money without shipping anything.

According to HUMAN's Satori Threat Intelligence team, which discovered Phish n' Ships, the campaign has impacted hundreds of thousands of consumers, causing estimated losses of tens of millions of dollars.

The attack starts with legitimate sites being infected with malicious scripts through known vulnerabilities (n-days), misconfigurations, or compromised administrator credentials.

Once a site is compromised, the threat actors upload inconspicuously named scripts such as "zenb.php" and "khyo.php," with which they upload fake product listings.

These listings come complete with SEO-optimized metadata to increase their visibility in Google search results, which is where victims are drawn from.
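
A defender-side check for the script uploads described above, as an added example that is not from the original article or from HUMAN's report: it compares the PHP files in a web root against a known-good baseline and flags additions, modifications, and the two file names the article quotes. The function names and the sample web root are constructed for illustration.

```python
import hashlib
import os
import tempfile

# File names quoted in the article; examples only, not a complete indicator list.
REPORTED_NAMES = {"zenb.php", "khyo.php"}

def snapshot(webroot):
    """Map each .php file's path (relative to webroot) to its SHA-256 digest."""
    result = {}
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            if name.lower().endswith(".php"):
                full = os.path.join(dirpath, name)
                with open(full, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
                result[os.path.relpath(full, webroot).replace(os.sep, "/")] = digest
    return result

def audit(baseline, current):
    """Compare a known-good snapshot with the current state of the web root."""
    added = sorted(p for p in current if p not in baseline)
    changed = sorted(p for p in current if p in baseline and current[p] != baseline[p])
    named = sorted(p for p in current if p.rsplit("/", 1)[-1].lower() in REPORTED_NAMES)
    return {"added": added, "changed": changed, "reported_name": named}

def demo():
    """Constructed sample: a tiny web root before and after a script upload."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "includes"))
        for rel, body in (("index.php", "<?php echo 'shop';"),
                          ("includes/cart.php", "<?php // cart")):
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(body)
        baseline = snapshot(root)  # taken right after a trusted deploy
        with open(os.path.join(root, "zenb.php"), "w") as fh:
            fh.write("<?php // constructed placeholder, no payload")
        with open(os.path.join(root, "index.php"), "a") as fh:
            fh.write("\n// modified after deploy")
        return audit(baseline, snapshot(root))

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

In practice the baseline would be stored outside the web root (for example, generated from the release artifact), so that an attacker with write access to the site cannot also rewrite it.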
