Data Security

New Pink cybercrime group targets corporate data using vishing and cloud theft

HackRead reports that a new cybercrime group, identified as Pink, is actively targeting corporate data for financial extortion. This threat, believed to be associated with the broader Com network, was initially exposed by Palo Alto Networks' research division, Unit 42.

Pink avoids traditional malware, instead employing voice phishing (vishing) to trick employees into visiting credential-stealing domains. Once credentials are compromised, attackers gain access to Microsoft 365, using legitimate tools to rapidly exfiltrate sensitive files from OneDrive and SharePoint. The group then uses compromised accounts to demand payment from victims via internal communications, imposing a strict 72-hour deadline.

Gurucul's analysis reveals that Pink uses fileless methods, embedding code within temporary memory to evade standard antivirus detection. The group also exhibits evasive behavior when it detects security analysis environments. To counter this threat, organizations should train employees to independently verify IT phone calls, monitor for unusual automated scripts, block known malicious domains, and implement behavioral monitoring to detect large, sudden data transfers.
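One way to implement the behavioral monitoring recommended above, as an added example that is not part of the original report: a sliding-window check that flags accounts with a sudden burst of OneDrive/SharePoint download events. It assumes audit records exported with Microsoft 365 unified audit log field names (`CreationTime`, `UserId`, `Operation`, `ClientIP`, `ObjectId`); the window, threshold, users, IP addresses and URLs are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Audit operations that represent file content leaving SharePoint/OneDrive.
DOWNLOAD_OPS = {"FileDownloaded", "FileSyncDownloadedFull"}
WINDOW = timedelta(minutes=10)  # assumed burst window; tune per environment
THRESHOLD = 5                   # assumed limit, kept tiny to suit the sample data

def find_download_bursts(records, window=WINDOW, threshold=THRESHOLD):
    """Return {user: (alert_time, downloads_in_window, source_ips)} for each
    user whose download count exceeds `threshold` inside a sliding `window`."""
    recent = defaultdict(deque)  # user -> (timestamp, ip) pairs still in window
    alerts = {}
    ordered = sorted(records, key=lambda r: datetime.fromisoformat(r["CreationTime"]))
    for rec in ordered:
        if rec.get("Operation") not in DOWNLOAD_OPS:
            continue  # views, edits, logins etc. are out of scope here
        user = rec["UserId"]
        ts = datetime.fromisoformat(rec["CreationTime"])
        q = recent[user]
        q.append((ts, rec.get("ClientIP")))
        while ts - q[0][0] > window:  # drop events older than the window
            q.popleft()
        if len(q) > threshold and user not in alerts:
            alerts[user] = (ts, len(q), sorted({ip for _, ip in q if ip}))
    return alerts

def _rec(user, op, ts, ip, obj):
    return {"CreationTime": ts, "UserId": user, "Operation": op,
            "ClientIP": ip, "ObjectId": obj}

# Constructed sample: alice downloads three files across a working day,
# bob's account pulls eight files in eight minutes from a new address.
BASE = "https://example.sharepoint.com/sites/finance/"
SAMPLE = (
    [_rec("alice@example.com", "FileDownloaded", f"2024-01-15T{h:02d}:05:00",
          "198.51.100.20", f"{BASE}notes{h}.docx") for h in (9, 11, 14)]
    + [_rec("bob@example.com", "FileAccessed", "2024-01-15T13:00:00",
            "198.51.100.21", f"{BASE}index.aspx")]
    + [_rec("bob@example.com", "FileDownloaded", f"2024-01-15T13:{m:02d}:30",
            "203.0.113.7", f"{BASE}q{m}.xlsx") for m in range(1, 9)]
)

if __name__ == "__main__":
    for user, (when, count, ips) in find_download_bursts(SAMPLE).items():
        print(f"ALERT {user}: {count} downloads within {WINDOW} at {when} from {ips}")
```

In production the fixed threshold would normally be replaced by a per-user baseline, and an alert would be correlated with a recent sign-in from an unfamiliar address before paging anyone.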

Source: HackRead
