Major U.S. defense and aerospace firm Lockheed Martin and over 200 other companies across various sectors have been spoofed as part of an advanced phishing operation underpinned by Google Cloud and Cloudflare infrastructure that has remained undetected since 2021, Cyber Security News reports.Threat actors have utilized more than 48,000 virtual hosts across 86 clusters to exploit legitimate organizations' expired domains and deploy clones of corporate websites, which were convincingly crafted through the exploitation of the web scraping tool HTTrack Website Copier, a report from Deep Specter Research revealed.Almost 6,000 virtual hosts were part of the biggest single cluster, indicating potential usage in a far-reaching data breach. Further analysis of the phishing operation's source code showed that the usage of a sophisticated cloaking system allowed selective content delivery and the prolonged evasion of Google Cloud and Cloudflare detection systems.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds