Phishing, Threat Intelligence

Massive ongoing US toll fraud underpinned by Chinese smishing kit


Numerous threat actors have been leveraging an SMS phishing kit developed by Chinese threat actor "Wang Duo Yu" to conduct a widespread smishing attack campaign against toll road users across several U.S. states that has been underway since October, The Hacker News reports.

Intrusions involved the spoofing of E-ZPass and other U.S. automated toll payment systems in texts and iMessages carrying fake alerts about unpaid tolls. Each alert includes a link that redirects to a bogus E-ZPass page seeking victims' names and ZIP codes before redirecting to another fake page for payment, according to a Cisco Talos analysis. Researchers found that the smishing kit used in the attacks was similar to those utilized by Chinese threat operation Smishing Triad. Smishing Triad, which was reported by Resecurity to have used more than 60,000 domains to elude disruption, has been launching attacks with the novel Lighthouse phishing kit to compromise credentials from Asia-Pacific and Australian financial entities since last month, noted Silent Push.
